Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
05/11/2024, 20:17
Static task
static1
Behavioral task
behavioral1
Sample
2bc1485a378ab0318666c52734de76dc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2bc1485a378ab0318666c52734de76dc.exe
Resource
win10v2004-20241007-en
General
-
Target
2bc1485a378ab0318666c52734de76dc.exe
-
Size
651KB
-
MD5
2bc1485a378ab0318666c52734de76dc
-
SHA1
0904d272102b4f4b7d273d2ca1f06de4c8680ae7
-
SHA256
c1f10a812f6faa73971f4fc34a9487ef2e7405e5d958019abd6efd63d47a74aa
-
SHA512
e86abea71f54c1542c229a6d17e5dcba077503c377412f74d6f5516f66e88b7aa18afc125c451e272098056b4e264fb7b3327a8b4a4dfa07ebf3b9aa3d0415d0
-
SSDEEP
12288:aI05L9+VustmJwTRBpZOGs1VV1VO/ecGuBEkiEeCxSvZqjVbC:4oLtmJwjOv1VV1mpGublxSBqd
Malware Config
Extracted
stealc
LogsDiller
http://95.215.204.109
-
url_path
/40c4c76100b40ed8.php
Signatures
-
Stealc family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 2bc1485a378ab0318666c52734de76dc.exe