Analysis
-
max time kernel
113s -
max time network
119s -
platform
windows7_x64 -
resource
win7 -
submitted
20-07-2020 10:24
Static task
static1
Behavioral task
behavioral1
Sample
bjn1.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
General
-
Target
bjn1.exe
-
Size
194KB
-
MD5
f42360653809d146f0520d3c637eb884
-
SHA1
0afa923bad4513a9e29bb4062be8fb09745bb96d
-
SHA256
a3cd4c88cc48bcfd7ad16fd851948010f273215ce0c11b3538defba8f440bd0e
-
SHA512
b86b296916a799261edfd606cbae71dd021ee084111dfeefe782ee664ed58941c37efacfd46b267fd45bb6f85d2cec877b0e64dcdd429f75e17084cdee27a2ca
Malware Config
Signatures
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
bjn1.exedescription pid process Token: SeDebugPrivilege 1460 bjn1.exe -
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
bjn1.exepid process 1460 bjn1.exe