Overview

overview

10

Static

static

10

d5256103cf...52.exe

windows7-x64

10

d5256103cf...52.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 14:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d5256103cffdf59f25bd9bb6f3aa1122c25fac1c49bcfe751c51625deed3de52.exe

  • Size

    249KB

  • MD5

    80342a8acc3ee7ea3a1835eb6ce1250e

  • SHA1

    12d2bfb40285ffd5331295211b4657b30448f5e3

  • SHA256

    d5256103cffdf59f25bd9bb6f3aa1122c25fac1c49bcfe751c51625deed3de52

  • SHA512

    ffc6098c73b2587ec0610471b692d82e4e85c8d83f26ca1de4253a2fd3f6ab5262c22b75250b3c6922d12c1fd7864f9e4525b97e80fdf658eb2c2449e14882d6

  • SSDEEP

    1536:NJ2NqnNOxvgGWb6rYhRi6clhIP+Dj/fW58YyL1G8lI:NJ2NqSnWyYhVcjIP+f/E8YnaI

Score
10/10
purelogstealerstealer

Malware Config

Signatures

  • PureLog Stealer

    PureLog Stealer is an infostealer written in C#.

    stealerpurelogstealer
  • PureLog Stealer payload 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d5256103cffdf59f25bd9bb6f3aa1122c25fac1c49bcfe751c51625deed3de52.exe
    "C:\Users\Admin\AppData\Local\Temp\d5256103cffdf59f25bd9bb6f3aa1122c25fac1c49bcfe751c51625deed3de52.exe"
    1⤵
      PID:4464
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4464 -s 1124
        2⤵
        • Program crash
        PID:3112
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 4464 -ip 4464
      1⤵
        PID:4612

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4464-0-0x0000000074BEE000-0x0000000074BEF000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4464-1-0x0000000000AB0000-0x0000000000AF4000-memory.dmp
        Filesize

        272KB

        Download
      • memory/4464-2-0x0000000005A20000-0x0000000005FC4000-memory.dmp
        Filesize

        5.6MB

        Download
      • memory/4464-3-0x00000000053B0000-0x0000000005442000-memory.dmp
        Filesize

        584KB

        Download
      • memory/4464-4-0x0000000074BE0000-0x0000000075390000-memory.dmp
        Filesize

        7.7MB

        Download
      • memory/4464-5-0x0000000005710000-0x000000000571A000-memory.dmp
        Filesize

        40KB

        Download
      • memory/4464-6-0x0000000074BE0000-0x0000000075390000-memory.dmp
        Filesize

        7.7MB

        Download