3d0f7e8ee7a38f8dbb63826f15fdbf69d28d91ce4dde53133aebf4400abe5ead | Triage

Resubmissions

23/08/2024, 09:01 UTC

240823-ky1r9axfmq 10

28/07/2024, 15:13 UTC

240728-sl7c9svaqf 10

Analysis

max time kernel
13s
max time network
20s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
28/07/2024, 15:13 UTC

Sharing

Report Analysis Logs

General

Target

build2.exe
Size

2.6MB
MD5

410e91a252ffe557a41e66a174cd6dcb
SHA1

54b311d2c9909ac9f03d26b30db6c94dadde4cdb
SHA256

67ce38dec54fd963ff28f4a257d58133eb241c909f9e06c859de0a7f00976202
SHA512

98b7547a8f41a92899ef018125df551bdd085ac2444a4542ee9fc1e44388de6824c5b41600ba8b73feb97dd882da0c5a9844ef73509565a3be3a2dc00c10f06d
SSDEEP

49152:wXduhClX5Td3dKHJH2u4DTUN8A0AAlFnK9O5JDW0ZX+Gh8e9waVp/EoQ4PKw/n0+:LkUixA0Zea

Score

10^/10

stealer

Malware Config

Signatures

DeerStealer 3 IoCs

Detects DeerStealer malware - JaffaCakes118.

resource	yara_rule
behavioral1/memory/296-0-0x000000013F0B0000-0x000000013F3BD000-memory.dmp	DeerStealer
behavioral1/memory/296-7-0x000000013F0B0000-0x000000013F3BD000-memory.dmp	DeerStealer
behavioral1/memory/296-11-0x000000013F0B0000-0x000000013F3BD000-memory.dmp	DeerStealer

C:\Users\Admin\AppData\Local\Temp\build2.exe
"C:\Users\Admin\AppData\Local\Temp\build2.exe"
1⤵
PID:296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/296-0-0x000000013F0B0000-0x000000013F3BD000-memory.dmp

Filesize
3.1MB

Download
memory/296-6-0x000000013F0B0000-0x000000013F3BD000-memory.dmp

Filesize
3.1MB

Download
memory/296-7-0x000000013F0B0000-0x000000013F3BD000-memory.dmp

Filesize
3.1MB

Download
memory/296-11-0x000000013F0B0000-0x000000013F3BD000-memory.dmp

Filesize
3.1MB

Download