Analysis
max time kernel: 14s
max time network: 103s
platform: windows10_x64
resource: win10v20201028
submitted: 02-04-2021 18:04
Static task: static1
Behavioral task: behavioral1
Sample: 3484b25f2ba1dbb96d27992e52a1f042.exe
Resource: win7v20201028, windows7_x64
0 signatures
0 seconds
General
Target: 3484b25f2ba1dbb96d27992e52a1f042.exe
Size: 681KB
MD5: 3484b25f2ba1dbb96d27992e52a1f042
SHA1: a1b3a2d9986bb7b4ee2a6e32be4b0f211213a0b1
SHA256: 97488be036cb1cf1a500188d3449062f4f10d83afb57630a8f6497edb196dc21
SHA512: 97bc187d34ebfded16139140869bb31c27f7c725a1121b90d4980095434423ac025e07d436fe337b2ad0a7d773e59e8c02957f31c10948eb2bafffa82b92cec5
Malware Config
Signatures
Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
3484b25f2ba1dbb96d27992e52a1f042.exe
pid  process
652  3484b25f2ba1dbb96d27992e52a1f042.exe
652  3484b25f2ba1dbb96d27992e52a1f042.exe