7d396a2e388177cfde1f8e462ed0bf581c409874e46db0d09cbf083e67df681f | Triage

Submit
Reports

Overview

overview

Static

static

LegionStea...der.js

windows7-x64

3

LegionStea...der.js

windows10-2004-x64

3

LegionStea...ts.vbs

windows7-x64

1

LegionStea...ts.vbs

windows10-2004-x64

1

LegionStea...ts.vbs

windows7-x64

1

LegionStea...ts.vbs

windows10-2004-x64

1

LegionStea...m1.vbs

windows7-x64

1

LegionStea...m1.vbs

windows10-2004-x64

1

LegionStea...ral.js

windows7-x64

3

LegionStea...ral.js

windows10-2004-x64

3

LegionStea...al.vbs

windows7-x64

1

LegionStea...al.vbs

windows10-2004-x64

1

LegionStea...in.vbs

windows7-x64

1

LegionStea...in.vbs

windows10-2004-x64

1

LegionStea...der.js

windows7-x64

3

LegionStea...der.js

windows10-2004-x64

3

LegionStea...er.vbs

windows7-x64

1

LegionStea...er.vbs

windows10-2004-x64

1

LegionStea...es.vbs

windows7-x64

1

LegionStea...es.vbs

windows10-2004-x64

1

LegionStea...ver.js

windows7-x64

3

LegionStea...ver.js

windows10-2004-x64

3

LegionStea...er.vbs

windows7-x64

1

LegionStea...er.vbs

windows10-2004-x64

1

LegionStea...lby.js

windows7-x64

3

LegionStea...lby.js

windows10-2004-x64

3

LegionStea...by.vbs

windows7-x64

1

LegionStea...by.vbs

windows10-2004-x64

1

LegionStea...er.exe

windows7-x64

3

LegionStea...er.exe

windows10-2004-x64

3

LegionStea...er.exe

windows7-x64

3

LegionStea...er.exe

windows10-2004-x64

3

Analysis

max time kernel
149s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04-11-2024 18:34

Sharing

Static task

static1

stealer legion umbral

7 signatures

Behavioral task

behavioral1

Sample

LegionStealer V1 SRC/Builder.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

LegionStealer V1 SRC/Builder.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

LegionStealer V1 SRC/Form1.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

LegionStealer V1 SRC/Form1.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

LegionStealer V1 SRC/General.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

LegionStealer V1 SRC/General.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

LegionStealer V1 SRC/General.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

LegionStealer V1 SRC/General.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

LegionStealer V1 SRC/Main.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

LegionStealer V1 SRC/Main.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

LegionStealer V1 SRC/NewBuilder.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

LegionStealer V1 SRC/NewBuilder.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

LegionStealer V1 SRC/Properties/Resources.Designer.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

LegionStealer V1 SRC/Properties/Resources.Designer.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

LegionStealer V1 SRC/Properties/Resources.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

LegionStealer V1 SRC/Properties/Resources.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

LegionStealer V1 SRC/Sver.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

LegionStealer V1 SRC/Sver.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

LegionStealer V1 SRC/Sver.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

LegionStealer V1 SRC/Sver.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

LegionStealer V1 SRC/asamlby.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

LegionStealer V1 SRC/asamlby.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

LegionStealer V1 SRC/asamlby.vbs

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

LegionStealer V1 SRC/asamlby.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

LegionStealer V1 SRC/bin/Debug/My_Stealer_l3gion/legionstealer.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

LegionStealer V1 SRC/bin/Debug/My_Stealer_l3gion/legionstealer.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

LegionStealer V1 SRC/bin/Debug/legionstealer.exe

Resource

win7-20240729-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

LegionStealer V1 SRC/bin/Debug/legionstealer.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

LegionStealer V1 SRC/General.js
Size

7KB
MD5

1ab39ca87572516793d1c480d5b2d81c
SHA1

0b501e022306e9e22510cbbe23e0967818abd029
SHA256

d4ed01bf8cecd6a146dac8ea20faab386aaa7ec534eff3066a5e3c881024cae9
SHA512

14201e38ee2a7321fb126099730f36e7d2b3ca207b1bbfafed3b082c93e1eaf900d4d7c5c17bac533e8917d04c9f2115a25a515b23ee2305f3e93fbaf70f0cd3
SSDEEP

96:yo4h4Dcz02nzXVgLUlF3FvFAF2F2F9FbYFJFCFzF0FQF/FVolU82jn1bn7WmXbm4:IKGpRfQolU8QLaEMks2

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\LegionStealer V1 SRC\General.js"
1⤵
PID:1972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy