Analysis
-
max time kernel
152s -
max time network
160s -
platform
windows10_x64 -
resource
win10v20210410 -
submitted
26-07-2021 13:00
General
-
Target
aa54f63bb683ca3401a4d2c9cf8182ab1999e83496314645f2e44a479c6235fa.sample.exe
-
Size
812KB
-
MD5
0e2d8643e614dcf37617c21c7c08f1ad
-
SHA1
09a0dcb560ca15252e7b785b1b4891a273d4f11c
-
SHA256
aa54f63bb683ca3401a4d2c9cf8182ab1999e83496314645f2e44a479c6235fa
-
SHA512
0bef46c05b63e73b614b8464336465757fdde14bdaa1396684ea937d96ddb49efa382074d5f715b9112f91bee2d7f68ea62eb1de7da58c41ca6d6dc9aaa03482
Score
8/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 2 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
Processes
-
C:\Users\Admin\AppData\Local\Temp\aa54f63bb683ca3401a4d2c9cf8182ab1999e83496314645f2e44a479c6235fa.sample.exe"C:\Users\Admin\AppData\Local\Temp\aa54f63bb683ca3401a4d2c9cf8182ab1999e83496314645f2e44a479c6235fa.sample.exe"1⤵
- Adds Run key to start application
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3692-114-0x0000000000690000-0x0000000000691000-memory.dmpFilesize
4KB
-
memory/3692-115-0x0000000000400000-0x0000000000633000-memory.dmpFilesize
2.2MB
-
memory/3692-116-0x0000000000400000-0x0000000000633000-memory.dmpFilesize
2.2MB