Overview

overview

10

Static

static

10

2024-11-11...er.exe

windows7-x64

1

2024-11-11...er.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-11-2024 01:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-11-11_b482b774aeadc17c11507c408247ec9c_avoslocker_cobalt-strike_luca-stealer.exe

  • Size

    800KB

  • MD5

    b482b774aeadc17c11507c408247ec9c

  • SHA1

    977cd3edd5851cfb0ebdf4135a125bbe7463c59f

  • SHA256

    c4e9463352e8a1a4776cb5282f0bce7f17bb3e821350d136bd84517376f95510

  • SHA512

    3daddfde5d0ab08fdda510c0aae7a54bdaadc0c11788d189a71b69e6902349a3b9aa276edaee810b1ff6cd192a8a52cc05e1ba3b0cb93033fe06b951a66227ad

  • SSDEEP

    24576:6IzjHMt/0VjY8QMC31OeFOtnuo51HVbQ:dMt/0VjYhQeFOtuo5JV

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-11-11_b482b774aeadc17c11507c408247ec9c_avoslocker_cobalt-strike_luca-stealer.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-11-11_b482b774aeadc17c11507c408247ec9c_avoslocker_cobalt-strike_luca-stealer.exe"
    1⤵
      PID:1016
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1016 -s 232
        2⤵
        • Program crash
        PID:764
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1016 -ip 1016
      1⤵
        PID:4312

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads