7d396a2e388177cfde1f8e462ed0bf581c409874e46db0d09cbf083e67df681f | Triage

Submit
Reports

Overview

overview

Static

static

LegionStea...der.js

windows7-x64

3

LegionStea...der.js

windows10-2004-x64

3

LegionStea...ts.vbs

windows7-x64

1

LegionStea...ts.vbs

windows10-2004-x64

1

LegionStea...ts.vbs

windows7-x64

1

LegionStea...ts.vbs

windows10-2004-x64

1

LegionStea...m1.vbs

windows7-x64

1

LegionStea...m1.vbs

windows10-2004-x64

1

LegionStea...ral.js

windows7-x64

3

LegionStea...ral.js

windows10-2004-x64

3

LegionStea...al.vbs

windows7-x64

1

LegionStea...al.vbs

windows10-2004-x64

1

LegionStea...in.vbs

windows7-x64

1

LegionStea...in.vbs

windows10-2004-x64

1

LegionStea...der.js

windows7-x64

3

LegionStea...der.js

windows10-2004-x64

3

LegionStea...er.vbs

windows7-x64

1

LegionStea...er.vbs

windows10-2004-x64

1

LegionStea...es.vbs

windows7-x64

1

LegionStea...es.vbs

windows10-2004-x64

1

LegionStea...ver.js

windows7-x64

3

LegionStea...ver.js

windows10-2004-x64

3

LegionStea...er.vbs

windows7-x64

1

LegionStea...er.vbs

windows10-2004-x64

1

LegionStea...lby.js

windows7-x64

3

LegionStea...lby.js

windows10-2004-x64

3

LegionStea...by.vbs

windows7-x64

1

LegionStea...by.vbs

windows10-2004-x64

1

LegionStea...er.exe

windows7-x64

3

LegionStea...er.exe

windows10-2004-x64

3

LegionStea...er.exe

windows7-x64

3

LegionStea...er.exe

windows10-2004-x64

3

Analysis

max time kernel
143s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04-11-2024 18:34

Sharing

Static task

static1

stealer legion umbral

7 signatures

Behavioral task

behavioral1

Sample

LegionStealer V1 SRC/Builder.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

LegionStealer V1 SRC/Builder.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

LegionStealer V1 SRC/Exploits.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

LegionStealer V1 SRC/Form1.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

LegionStealer V1 SRC/Form1.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

LegionStealer V1 SRC/General.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

LegionStealer V1 SRC/General.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

LegionStealer V1 SRC/General.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

LegionStealer V1 SRC/General.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

LegionStealer V1 SRC/Main.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

LegionStealer V1 SRC/Main.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

LegionStealer V1 SRC/NewBuilder.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

LegionStealer V1 SRC/NewBuilder.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

LegionStealer V1 SRC/Properties/Resources.Designer.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

LegionStealer V1 SRC/Properties/Resources.Designer.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

LegionStealer V1 SRC/Properties/Resources.vbs

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

LegionStealer V1 SRC/Properties/Resources.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

LegionStealer V1 SRC/Sver.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

LegionStealer V1 SRC/Sver.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

LegionStealer V1 SRC/Sver.vbs

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

LegionStealer V1 SRC/Sver.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

LegionStealer V1 SRC/asamlby.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

LegionStealer V1 SRC/asamlby.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

LegionStealer V1 SRC/asamlby.vbs

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

LegionStealer V1 SRC/asamlby.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

LegionStealer V1 SRC/bin/Debug/My_Stealer_l3gion/legionstealer.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

LegionStealer V1 SRC/bin/Debug/My_Stealer_l3gion/legionstealer.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

LegionStealer V1 SRC/bin/Debug/legionstealer.exe

Resource

win7-20240729-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

LegionStealer V1 SRC/bin/Debug/legionstealer.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

LegionStealer V1 SRC/Form1.vbs
Size

1.0MB
MD5

10af683ee0dd39eeab3cdb0d67dbe384
SHA1

e6dc6c5f54c622405b81b9bb28b285b9837d0249
SHA256

618c16f01cc2eae2d696fa3e9eae55268a70674bb2e46a982a3d5314fc3015f4
SHA512

05e7f3a78ec595f0cf8b25afb4b0ca2703f148238fe0df97dbabdfd58651d8e1686edca8508d823da0619eb15ed3b56c8af7e9a2588b815eca2924231ac43efa
SSDEEP

24576:+W+dtiY4PGOL+37vxiW+dtiY4PGOL+37vxm:We+Qe+o

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\LegionStealer V1 SRC\Form1.vbs"
1⤵
PID:848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy