Analysis
-
max time kernel
106s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
04/04/2025, 00:19
General
-
Target
2025-04-03_265790321a0b788ca90dd3f923952abc_amadey_black-basta_luca-stealer_remcos_smoke-loader.exe
-
Size
430KB
-
MD5
265790321a0b788ca90dd3f923952abc
-
SHA1
5d518c3a2ca03427eaf418f1bf11fd7440c32012
-
SHA256
c65e84ef0e1b5d7224a851e9bd4569f56b52868862590d79031f14ee18dff607
-
SHA512
85385fbe414c951984dd7df7ac46b882afaafd55557ff756e03ee99143daed48adf0e680bc9858976428374d00c8b1b87d8c15686bf5d5a3ed2911b51af9bdf2
-
SSDEEP
6144:Rbvh5dcI/U8AkRlNn3tcy76D2Mp9nUTdjK/04FIJpgA383GtAO2C3XWP4c3l6B3:Rbvh5NIEf7mpW52/04FIHPAC2PYB3
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2025-04-03_265790321a0b788ca90dd3f923952abc_amadey_black-basta_luca-stealer_remcos_smoke-loader.exe"C:\Users\Admin\AppData\Local\Temp\2025-04-03_265790321a0b788ca90dd3f923952abc_amadey_black-basta_luca-stealer_remcos_smoke-loader.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3220 -s 5402⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3220 -ip 32201⤵