Analysis
max time kernel: 140s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 20-04-2022 02:56
Static task
static1
Behavioral task
behavioral1
Sample
fab8a31dbd77da2d6f0e1be73b008ee07bcd7f20a2b9ff3de8fc8642088ed7ee.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: fab8a31dbd77da2d6f0e1be73b008ee07bcd7f20a2b9ff3de8fc8642088ed7ee.exe
Size: 493KB
MD5: cd135eebb454cada149a3892e6a346ec
SHA1: 830766cf41d9032ecf4a3c735d1b7f24855e2a4a
SHA256: fab8a31dbd77da2d6f0e1be73b008ee07bcd7f20a2b9ff3de8fc8642088ed7ee
SHA512: 7133c14ed3895c45c73e526586d75b4e586e500557b5e3f172c23bb86634521eb5aa9615cd0e6e02f850698034ebbf847ac9114930134e129753adb59713940d
Malware Config
Signatures
Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid Process
4956 fab8a31dbd77da2d6f0e1be73b008ee07bcd7f20a2b9ff3de8fc8642088ed7ee.exe
4956 fab8a31dbd77da2d6f0e1be73b008ee07bcd7f20a2b9ff3de8fc8642088ed7ee.exe