Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
21-11-2024 15:29
General
-
Target
2480-151-0x00000000011C0000-0x0000000001842000-memory.exe
-
Size
6.5MB
-
MD5
6450f4d0fba8b71ba4f7f38cdd905957
-
SHA1
a252bb45f5688615e9b9e22766a108328cf3b8c0
-
SHA256
37200edb2f3bd27c123645a62c3ca930f7ee0d7e9985f1e6aab25fcddee8a5f1
-
SHA512
0894bf0e72f148e5752e84695da19cb23c42032ab2d36f5a737d4300817ab108cf77facf4948f6742295a6310bd0276c0c785495bddaf7deb1053c5eefe15bdb
-
SSDEEP
98304:ZqdI1bvCDGKrD1OjRRkmAXNMUim1TPRQzN6ePE:p1Dk3XJjq
Score
10/10
Malware Config
Signatures
-
Stealc
Stealc is an infostealer written in C++.
-
Stealc family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2480-151-0x00000000011C0000-0x0000000001842000-memory.exe"C:\Users\Admin\AppData\Local\Temp\2480-151-0x00000000011C0000-0x0000000001842000-memory.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2024 -s 2162⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2024 -ip 20241⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.5MB