Overview

overview

10

Static

static

10

build2.exe

windows7-x64

10

build2.exe

windows10-1703-x64

10

build2.exe

windows10-2004-x64

10

build2.exe

windows11-21h2-x64

10

Resubmissions

23/08/2024, 09:01

240823-ky1r9axfmq 10

28/07/2024, 15:13

240728-sl7c9svaqf 10

Analysis

  • max time kernel
    129s
  • max time network
    137s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    23/08/2024, 09:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    build2.exe

  • Size

    2.6MB

  • MD5

    410e91a252ffe557a41e66a174cd6dcb

  • SHA1

    54b311d2c9909ac9f03d26b30db6c94dadde4cdb

  • SHA256

    67ce38dec54fd963ff28f4a257d58133eb241c909f9e06c859de0a7f00976202

  • SHA512

    98b7547a8f41a92899ef018125df551bdd085ac2444a4542ee9fc1e44388de6824c5b41600ba8b73feb97dd882da0c5a9844ef73509565a3be3a2dc00c10f06d

  • SSDEEP

    49152:wXduhClX5Td3dKHJH2u4DTUN8A0AAlFnK9O5JDW0ZX+Gh8e9waVp/EoQ4PKw/n0+:LkUixA0Zea

Score
10/10
stealer

Malware Config

Signatures

  • DeerStealer 6 IoCs

    Detects DeerStealer malware - JaffaCakes118.

    stealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\build2.exe
    "C:\Users\Admin\AppData\Local\Temp\build2.exe"
    1⤵
      PID:1404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1404-0-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-6-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-9-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-11-0x00007FFB9F875000-0x00007FFB9F876000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1404-13-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-16-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-19-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-20-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/1404-27-0x00007FF7F7580000-0x00007FF7F788D000-memory.dmp

      Filesize

      3.1MB

      Download