Overview

overview

7

Static

static

2020-01-08...in.exe

windows7_x64

7

2020-01-08...in.exe

windows10_x64

7

Analysis

  • max time kernel
    62s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    06-08-2020 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2020-01-08 114318.bin.exe

  • Size

    378KB

  • MD5

    54c24db7a6b6186a5727042d7094c000

  • SHA1

    c5b1d7d7ee1cfedf230dcf2106986afd1ab0eb06

  • SHA256

    daccb68f01c806839d025c4d8ffda45357767e1dcc467d29f59cf64159176ab9

  • SHA512

    7f842cfc37fbd35bf8337019170c8ba5119bf196190f07267a17be94d6d1699f027f17ba570d5c9fc10d5134a1b33c73ba88d7f1b867b29e66d91e10a84629f1

Score
7/10
persistencespyware

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

Processes

  • C:\Users\Admin\AppData\Local\Temp\2020-01-08 114318.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\2020-01-08 114318.bin.exe"
    1⤵
    • Adds Run key to start application
    PID:832

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads