Analysis
-
max time kernel
109s -
max time network
150s -
platform
windows10_x64 -
resource
win10 -
submitted
07-07-2020 06:22
General
-
Target
eSlipgqm.exe
-
Size
913KB
-
MD5
643d8efc8b76e065a277f18e31c22789
-
SHA1
402e6c201ce14042b7c70bbf733a95119d23cc87
-
SHA256
8f787ad8df4ea3ee0c0940cf5170cccffa5c5783f065b89581de06c53a20b30c
-
SHA512
3427a7fca23990c8ccbd3e638c5ffbd4b6ad7e811e22db9d9596b563d82c676a8743119428a971a2835a8d2e5e8746a358e6be89bc0642f11f5317b0734b2735
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 6 IoCs
-
Adds Run entry to start application 2 TTPs 1 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
Processes
-
C:\Users\Admin\AppData\Local\Temp\eSlipgqm.exe"C:\Users\Admin\AppData\Local\Temp\eSlipgqm.exe"1⤵
- Loads dropped DLL
- Adds Run entry to start application