d4fa640fe3fcd3a3ea766a7b8fbb60bb81b37c3834747f1a0fad8a4b748a7a68

Analysis

max time kernel
142s
max time network
112s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-08-2024 17:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Stealer-1.0-all.jar
Size

17.6MB
MD5

f6fcae66f5b2112ef0b92bef76d53d57
SHA1

55ba0529e3206e20bdb506f5ba8786b421afba63
SHA256

d4fa640fe3fcd3a3ea766a7b8fbb60bb81b37c3834747f1a0fad8a4b748a7a68
SHA512

851b0f5ef50067a40101b74b87c9f6f60dd4fa2cd2c9517ff66505d140c443c25add0b154618395b1b610d8f2cd4957030ebe76077aad735ae3aa1ef2c518367
SSDEEP

393216:kb7kU+GwlsPGfwIXzU636e+px0jZNMLjLzewjPlVGNJzl6TNbO/oD:kpbQyP0jZGDKwnGzpUNbDD

Score

9^/10

credential_access discovery stealer

Malware Config

Signatures

Credentials from Password Stores: Credentials from Web Browsers 1 TTPs
Malicious Access or copy of Web Browser Credential store.
credential_access stealer

Credentials from Web Browsers
T1555.003

Loads dropped DLL 2 IoCs

pid	Process
3556	java.exe
3556	java.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3556	java.exe

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\Stealer-1.0-all.jar
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:3556

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Discovery

Browser Information Discovery

T1217

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\8f07b34e-504d-49e1-9f36-57f20890e7e52029729854376311985

Filesize
114KB

MD5
503d6b554ee03ef54c8deb8c440f6012

SHA1
e306b2a07bf87e90c63418024c92933bcc3f4d7f

SHA256
4c407af4d5326d1ea43e89945eda0b86c81ad0d12bd5465b327c0fd1df56f7d4

SHA512
3490b51dfe2e8f6efa3cdeee7bc08c03072597861c1a2f88dc830139abb7611c671ddad345c2af97bb1e88927c09467ed92b5feafe6696d7e2b31b3bd3447437

Download Submit
C:\Users\Admin\AppData\Local\Temp\f0e9ffa0-bdf4-495f-8db6-478a12448aa31382937211108058371

Filesize
116KB

MD5
f70aa3fa04f0536280f872ad17973c3d

SHA1
50a7b889329a92de1b272d0ecf5fce87395d3123

SHA256
8d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8

SHA512
30675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84

Download Submit
C:\Users\Admin\AppData\Local\Temp\jna-63116079\jna2926437196599646854.dll

Filesize
248KB

MD5
719d6ba1946c25aa61ce82f90d77ffd5

SHA1
94d2191378cac5719daecc826fc116816284c406

SHA256
69c45175ecfd25af023f96ac0bb2c45e6a95e3ba8a5a50ee7969ccab14825c44

SHA512
119152b624948b76921aa91a5024006ef7c8fdbfe5f6fe71b1ec9f2c0e504b22508ff438c4183e60fa8de93eb35a8c7ccdda3a686e3c2f65c8185f1dd2ef248b

Download Submit
C:\Users\Admin\AppData\Local\Temp\sqlite-3.42.0.0-e46e23aa-388f-4f3b-bf71-58274d579000-sqlitejdbc.dll

Filesize
913KB

MD5
16d165c26c43d841b5ec73d8e0d6fc9d

SHA1
2673a2ed3c7e269abf2b3203cc5bcbb52031f93e

SHA256
451e319b14cf9b35b99cca2d245e50e97205b7dcabeeccd8fec6bb54c8a2e84c

SHA512
694d5261d09a03e1967d41cba5f36a855a0fb9e4684b918ee35d62af9ff671635590f07f1a709de17b7672f2939cdd78f0c0e6c683e90762dbf9e12283c45686

Download Submit
memory/3556-2-0x0000021E80000000-0x0000021E80270000-memory.dmp

Filesize
2.4MB

Download
memory/3556-14-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-27-0x0000021E80270000-0x0000021E80280000-memory.dmp

Filesize
64KB

Download
memory/3556-30-0x0000021E80280000-0x0000021E80290000-memory.dmp

Filesize
64KB

Download
memory/3556-34-0x0000021E80290000-0x0000021E802A0000-memory.dmp

Filesize
64KB

Download
memory/3556-37-0x0000021E802B0000-0x0000021E802C0000-memory.dmp

Filesize
64KB

Download
memory/3556-39-0x0000021E802C0000-0x0000021E802D0000-memory.dmp

Filesize
64KB

Download
memory/3556-41-0x0000021E802D0000-0x0000021E802E0000-memory.dmp

Filesize
64KB

Download
memory/3556-36-0x0000021E802A0000-0x0000021E802B0000-memory.dmp

Filesize
64KB

Download
memory/3556-43-0x0000021E80000000-0x0000021E80270000-memory.dmp

Filesize
2.4MB

Download
memory/3556-44-0x0000021E802E0000-0x0000021E802F0000-memory.dmp

Filesize
64KB

Download
memory/3556-46-0x0000021E802F0000-0x0000021E80300000-memory.dmp

Filesize
64KB

Download
memory/3556-60-0x0000021E80300000-0x0000021E80310000-memory.dmp

Filesize
64KB

Download
memory/3556-82-0x0000021E80310000-0x0000021E80320000-memory.dmp

Filesize
64KB

Download
memory/3556-91-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-93-0x0000021E80270000-0x0000021E80280000-memory.dmp

Filesize
64KB

Download
memory/3556-94-0x0000021E80320000-0x0000021E80330000-memory.dmp

Filesize
64KB

Download
memory/3556-97-0x0000021E80330000-0x0000021E80340000-memory.dmp

Filesize
64KB

Download
memory/3556-96-0x0000021E80280000-0x0000021E80290000-memory.dmp

Filesize
64KB

Download
memory/3556-99-0x0000021E80290000-0x0000021E802A0000-memory.dmp

Filesize
64KB

Download
memory/3556-100-0x0000021E80340000-0x0000021E80350000-memory.dmp

Filesize
64KB

Download
memory/3556-104-0x0000021E80350000-0x0000021E80360000-memory.dmp

Filesize
64KB

Download
memory/3556-103-0x0000021E802B0000-0x0000021E802C0000-memory.dmp

Filesize
64KB

Download
memory/3556-102-0x0000021E802A0000-0x0000021E802B0000-memory.dmp

Filesize
64KB

Download
memory/3556-108-0x0000021E80360000-0x0000021E80370000-memory.dmp

Filesize
64KB

Download
memory/3556-107-0x0000021E802C0000-0x0000021E802D0000-memory.dmp

Filesize
64KB

Download
memory/3556-110-0x0000021E802D0000-0x0000021E802E0000-memory.dmp

Filesize
64KB

Download
memory/3556-111-0x0000021E80370000-0x0000021E80380000-memory.dmp

Filesize
64KB

Download
memory/3556-113-0x0000021E80380000-0x0000021E80390000-memory.dmp

Filesize
64KB

Download
memory/3556-112-0x0000021E802E0000-0x0000021E802F0000-memory.dmp

Filesize
64KB

Download
memory/3556-116-0x0000021E80390000-0x0000021E803A0000-memory.dmp

Filesize
64KB

Download
memory/3556-115-0x0000021E802F0000-0x0000021E80300000-memory.dmp

Filesize
64KB

Download
memory/3556-119-0x0000021E803A0000-0x0000021E803B0000-memory.dmp

Filesize
64KB

Download
memory/3556-118-0x0000021E80300000-0x0000021E80310000-memory.dmp

Filesize
64KB

Download
memory/3556-123-0x0000021E803B0000-0x0000021E803C0000-memory.dmp

Filesize
64KB

Download
memory/3556-122-0x0000021E80310000-0x0000021E80320000-memory.dmp

Filesize
64KB

Download
memory/3556-128-0x0000021E803C0000-0x0000021E803D0000-memory.dmp

Filesize
64KB

Download
memory/3556-127-0x0000021E80320000-0x0000021E80330000-memory.dmp

Filesize
64KB

Download
memory/3556-130-0x0000021E803D0000-0x0000021E803E0000-memory.dmp

Filesize
64KB

Download
memory/3556-129-0x0000021E80330000-0x0000021E80340000-memory.dmp

Filesize
64KB

Download
memory/3556-132-0x0000021E80340000-0x0000021E80350000-memory.dmp

Filesize
64KB

Download
memory/3556-133-0x0000021E803E0000-0x0000021E803F0000-memory.dmp

Filesize
64KB

Download
memory/3556-136-0x0000021E803F0000-0x0000021E80400000-memory.dmp

Filesize
64KB

Download
memory/3556-135-0x0000021E80350000-0x0000021E80360000-memory.dmp

Filesize
64KB

Download
memory/3556-139-0x0000021E80400000-0x0000021E80410000-memory.dmp

Filesize
64KB

Download
memory/3556-138-0x0000021E80360000-0x0000021E80370000-memory.dmp

Filesize
64KB

Download
memory/3556-141-0x0000021E80370000-0x0000021E80380000-memory.dmp

Filesize
64KB

Download
memory/3556-142-0x0000021E80410000-0x0000021E80420000-memory.dmp

Filesize
64KB

Download
memory/3556-145-0x0000021E80420000-0x0000021E80430000-memory.dmp

Filesize
64KB

Download
memory/3556-144-0x0000021E80380000-0x0000021E80390000-memory.dmp

Filesize
64KB

Download
memory/3556-149-0x0000021E80430000-0x0000021E80440000-memory.dmp

Filesize
64KB

Download
memory/3556-148-0x0000021E80390000-0x0000021E803A0000-memory.dmp

Filesize
64KB

Download
memory/3556-153-0x0000021E80440000-0x0000021E80450000-memory.dmp

Filesize
64KB

Download
memory/3556-152-0x0000021E803A0000-0x0000021E803B0000-memory.dmp

Filesize
64KB

Download
memory/3556-155-0x0000021E803B0000-0x0000021E803C0000-memory.dmp

Filesize
64KB

Download
memory/3556-158-0x0000021E80460000-0x0000021E80470000-memory.dmp

Filesize
64KB

Download
memory/3556-157-0x0000021E803C0000-0x0000021E803D0000-memory.dmp

Filesize
64KB

Download
memory/3556-154-0x0000021E80450000-0x0000021E80460000-memory.dmp

Filesize
64KB

Download
memory/3556-159-0x0000021E803D0000-0x0000021E803E0000-memory.dmp

Filesize
64KB

Download
memory/3556-160-0x0000021E80470000-0x0000021E80480000-memory.dmp

Filesize
64KB

Download
memory/3556-162-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-163-0x0000021E803E0000-0x0000021E803F0000-memory.dmp

Filesize
64KB

Download
memory/3556-164-0x0000021E80480000-0x0000021E80490000-memory.dmp

Filesize
64KB

Download
memory/3556-169-0x0000021E80490000-0x0000021E804A0000-memory.dmp

Filesize
64KB

Download
memory/3556-168-0x0000021E803F0000-0x0000021E80400000-memory.dmp

Filesize
64KB

Download
memory/3556-173-0x0000021E804A0000-0x0000021E804B0000-memory.dmp

Filesize
64KB

Download
memory/3556-172-0x0000021E80400000-0x0000021E80410000-memory.dmp

Filesize
64KB

Download
memory/3556-175-0x0000021E804B0000-0x0000021E804C0000-memory.dmp

Filesize
64KB

Download
memory/3556-174-0x0000021E80410000-0x0000021E80420000-memory.dmp

Filesize
64KB

Download
memory/3556-178-0x0000021E804C0000-0x0000021E804D0000-memory.dmp

Filesize
64KB

Download
memory/3556-177-0x0000021E80420000-0x0000021E80430000-memory.dmp

Filesize
64KB

Download
memory/3556-180-0x0000021E80430000-0x0000021E80440000-memory.dmp

Filesize
64KB

Download
memory/3556-181-0x0000021E804D0000-0x0000021E804E0000-memory.dmp

Filesize
64KB

Download
memory/3556-186-0x0000021E804E0000-0x0000021E804F0000-memory.dmp

Filesize
64KB

Download
memory/3556-185-0x0000021E80450000-0x0000021E80460000-memory.dmp

Filesize
64KB

Download
memory/3556-184-0x0000021E80440000-0x0000021E80450000-memory.dmp

Filesize
64KB

Download
memory/3556-187-0x0000021E804F0000-0x0000021E80500000-memory.dmp

Filesize
64KB

Download
memory/3556-191-0x0000021E80500000-0x0000021E80510000-memory.dmp

Filesize
64KB

Download
memory/3556-190-0x0000021E80460000-0x0000021E80470000-memory.dmp

Filesize
64KB

Download
memory/3556-192-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-193-0x0000021E80470000-0x0000021E80480000-memory.dmp

Filesize
64KB

Download
memory/3556-195-0x0000021E80480000-0x0000021E80490000-memory.dmp

Filesize
64KB

Download
memory/3556-196-0x0000021E80490000-0x0000021E804A0000-memory.dmp

Filesize
64KB

Download
memory/3556-197-0x0000021E804A0000-0x0000021E804B0000-memory.dmp

Filesize
64KB

Download
memory/3556-198-0x0000021E804B0000-0x0000021E804C0000-memory.dmp

Filesize
64KB

Download
memory/3556-199-0x0000021E804C0000-0x0000021E804D0000-memory.dmp

Filesize
64KB

Download
memory/3556-200-0x0000021E804D0000-0x0000021E804E0000-memory.dmp

Filesize
64KB

Download
memory/3556-201-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-203-0x0000021E804E0000-0x0000021E804F0000-memory.dmp

Filesize
64KB

Download
memory/3556-202-0x00007FFC5C1F0000-0x00007FFC5C2DC000-memory.dmp

Filesize
944KB

Download
memory/3556-204-0x0000021E804F0000-0x0000021E80500000-memory.dmp

Filesize
64KB

Download
memory/3556-205-0x0000021E80500000-0x0000021E80510000-memory.dmp

Filesize
64KB

Download
memory/3556-217-0x0000021EFC4F0000-0x0000021EFC4F1000-memory.dmp

Filesize
4KB

Download
memory/3556-218-0x00007FFC5C1F0000-0x00007FFC5C2DC000-memory.dmp

Filesize
944KB

Download
memory/3556-223-0x0000021E802B0000-0x0000021E802C0000-memory.dmp

Filesize
64KB

Download
memory/3556-228-0x0000021E802F0000-0x0000021E80300000-memory.dmp

Filesize
64KB

Download
memory/3556-227-0x0000021E802E0000-0x0000021E802F0000-memory.dmp

Filesize
64KB

Download
memory/3556-226-0x0000021E802D0000-0x0000021E802E0000-memory.dmp

Filesize
64KB

Download
memory/3556-225-0x0000021E802C0000-0x0000021E802D0000-memory.dmp

Filesize
64KB

Download
memory/3556-224-0x0000021E80000000-0x0000021E80270000-memory.dmp

Filesize
2.4MB

Download
memory/3556-222-0x0000021E80290000-0x0000021E802A0000-memory.dmp

Filesize
64KB

Download
memory/3556-221-0x0000021E80280000-0x0000021E80290000-memory.dmp

Filesize
64KB

Download
memory/3556-220-0x0000021E80270000-0x0000021E80280000-memory.dmp

Filesize
64KB

Download
memory/3556-219-0x0000021E802A0000-0x0000021E802B0000-memory.dmp

Filesize
64KB

Download