Overview

overview

10

Static

static

6b37d35716...d7.exe

windows7_x64

10

6b37d35716...d7.exe

windows10_x64

10

Analysis

  • max time kernel
    7s
  • max time network
    9s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    18-04-2021 23:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b37d35716224640ab1970852d0dc7d7.exe

  • Size

    357KB

  • MD5

    6b37d35716224640ab1970852d0dc7d7

  • SHA1

    8835646873e64ff3a6b3e4177b7ed75d8f840762

  • SHA256

    d26a98d84423d1b79e2f01fe69e09c3fe65841ceb59c1c36b12b84aaafcb77e9

  • SHA512

    afbdb041f9bfadd80050a2fc92cff7c99639b22acb290d97f0bf37d018123d26edf1cb2976bda72785f36da8024772318685ba8ecf95340fddc67ed6a48b0453

Score
10/10
taurusdiscoveryspywarestealertrojan

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b37d35716224640ab1970852d0dc7d7.exe
    "C:\Users\Admin\AppData\Local\Temp\6b37d35716224640ab1970852d0dc7d7.exe"
    1⤵
      PID:1776

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Credentials in Files

    2
    T1081

    Discovery

    Query Registry

    1
    T1012

    Lateral Movement

    Collection

    Data from Local System

    2
    T1005

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1776-59-0x0000000075C31000-0x0000000075C33000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1776-60-0x00000000002F0000-0x0000000000328000-memory.dmp
      Filesize

      224KB

      Download
    • memory/1776-61-0x0000000000400000-0x0000000000486000-memory.dmp
      Filesize

      536KB

      Download