Analysis
-
max time kernel
39s -
max time network
155s -
platform
windows7_x64 -
resource
win7v200430 -
submitted
09/07/2020, 14:39
General
-
Target
Payment details.exe
-
Size
546KB
-
MD5
d580a1f4241f75ac8bf99ac6ca501977
-
SHA1
11a2d6e337c2a5830a918d206d475400d606c5b3
-
SHA256
b4d3bccc58e0a1222261fc91cf6c0b56db9116302c9aaf9d4ddf9273706d571f
-
SHA512
19ef34c65bacb0d0b38bd45126d989f2fbd510d91f844ab844e92d87b5380f749d5d89f6fc7ec16bbfcca97f40bf7d10d24d86186a402bb442f10fbb7c773ab5
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Suspicious use of WriteProcessMemory 9 IoCs
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Loads dropped DLL 6 IoCs
-
Adds Run entry to start application 2 TTPs 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Payment details.exe"C:\Users\Admin\AppData\Local\Temp\Payment details.exe"1⤵
- Suspicious use of WriteProcessMemory
- Suspicious use of SetThreadContext
- Adds Run entry to start application
-
C:\Program Files (x86)\internet explorer\ieinstal.exe"C:\Program Files (x86)\internet explorer\ieinstal.exe"2⤵
- Suspicious use of SetWindowsHookEx
- Loads dropped DLL
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.3MB
-
Filesize
1.3MB