Analysis
max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
23-10-2024 11:09
Static task
static1
Behavioral task
behavioral1
Sample
5362f24b35ce383f260aaacbe818d31b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5362f24b35ce383f260aaacbe818d31b.exe
Resource
win10v2004-20241007-en
General
Target
5362f24b35ce383f260aaacbe818d31b.exe
Size
342KB
MD5
5362f24b35ce383f260aaacbe818d31b
SHA1
3b4af5b4d4dd22cda36a3b25e9443d0ad4e192c1
SHA256
c86a5644d68530591b9dad45c0f1d044b309088c8fbe69ddc5dc04a122477cd6
SHA512
5ac5eee94f571bb095d0ee1c1f391ac10c13c25b10044448291c53ccc04797eabf22800af5fe16d4acdef06151bfd6b817051f25495f26ccb399f8b2fe6c1974
SSDEEP
6144:C1MHilFqXaOn5PbsNeCVnEk5CTERqqoA2A4KJ:vHiLoa2kx5zII2A4K
Malware Config
Extracted
stealc
LogsDiller
http://185.201.252.118
url_path
/ef952bc0f542da4b.php
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
5362f24b35ce383f260aaacbe818d31b.exe
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process
5362f24b35ce383f260aaacbe818d31b.exe