Analysis
-
max time kernel
126s
-
max time network
121s
-
platform
windows7_x64
-
resource
win7-en-20211208
-
submitted
05-02-2022 04:43
Static task
static1
Behavioral task
behavioral1
Sample
676305bece6f0b49d822849ae0873025666d31330d27adf10cb57255f1bdb585.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
676305bece6f0b49d822849ae0873025666d31330d27adf10cb57255f1bdb585.exe
Resource
win10v2004-en-20220113
General
-
Target
676305bece6f0b49d822849ae0873025666d31330d27adf10cb57255f1bdb585.exe
-
Size
425KB
-
MD5
5cd2cbf405a8ed0cbc8ffcc39c0949e0
-
SHA1
ddec66684726f458b47065b443857f78bbb40a1c
-
SHA256
676305bece6f0b49d822849ae0873025666d31330d27adf10cb57255f1bdb585
-
SHA512
4bacc3f5c86e7ac12c3ea5bcfdcd4bedb05fefb6221371a989fd48457b2b907fb9e5b147cafc3929bd665039e585a889e79d7ac0a4d1c81be75651b332bedbfc
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/1436-54-0x0000000076151000-0x0000000076153000-memory.dmp
Filesize
8KB