Analysis
max time kernel
142s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted
27-10-2024 16:53
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240903-en
15 signatures
150 seconds
General
Target
file.exe
Size
868KB
MD5
f793d9e588c6bf51f1daf523ab2df1ce
SHA1
f63ce1f9eee9f3ae643e270c7fc854dc51d730d0
SHA256
a8addc675fcc27c94ff9e4775bb2e090f4da1287aae6b95cecc65ccf533bc61d
SHA512
4d0d8bf366f4b4793154f31aee4983df307b97edc83608b76628168418d48227eb46f6213469eb4d3a088d891a143b30b3b02acbb194df834da1b61d182607eb
SSDEEP
24576:Le1Q/llWMGNL/geFyNcTN+jv75TQn652VBuNyb:cQ/lldGJtF4ch+jvNm0Nyb
Malware Config
Extracted
Family
stealc
Botnet
tale
C2
http://185.215.113.206
Attributes
url_path
/6c4adf523b719729.php
Signatures
Stealc family
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
file.exe