Analysis
-
max time kernel
94s -
max time network
140s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
27-12-2024 09:18
General
-
Target
1352-0-0x0000000000600000-0x0000000000B02000-memory.exe
-
Size
5.0MB
-
MD5
8df84e41d01288a4c3a54b9a2a3f0770
-
SHA1
b97227df63997fd98e0fc843dd75ed3db8a208f4
-
SHA256
768d3df93ac26ebd0fe3fea83f0554aa1bbccccba6abedac2e4f2ffa638c752e
-
SHA512
2a0ad7a702a36ac56a819850058dbba71a2e2b8cfcdd3986959f8ebf596646c1d7ab29a871bc6b7744a1755016f01a74908bf8f0754ce8e7935c38514c277e8a
-
SSDEEP
98304:a2+oryBeZp0s+VRIwM1dtcSfv9QmAxFI:aKgnWdSI
Score
10/10
Malware Config
Signatures
-
Stealc
Stealc is an infostealer written in C++.
-
Stealc family
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\1352-0-0x0000000000600000-0x0000000000B02000-memory.exe"C:\Users\Admin\AppData\Local\Temp\1352-0-0x0000000000600000-0x0000000000B02000-memory.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1472 -s 2242⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1472 -ip 14721⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.0MB