Analysis
-
max time kernel
99s -
max time network
91s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
03-06-2022 01:22
Static task
static1
Behavioral task
behavioral1
Sample
144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
-
Target
144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05.exe
-
Size
321KB
-
MD5
eb633b7b53815cbe4c12d061063e76ce
-
SHA1
d13b6282807fa2518c483029b9b981a51627e3cc
-
SHA256
144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05
-
SHA512
64cec8e01d66752947a5ecdcde8091a9401d280c0a30a1cb18ef8608cd19a6db67d3fca793e568a68f23bbc5485a6aafa8028608f7e509d51857055d50aacfdf
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
Processes:
144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05.exe
pid process
1100 144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05.exe
1100 144f8c182177eead9b05dac7efdeda5fb423b1bb0e7ec211bb8623d072929c05.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/1100-54-0x0000000074B51000-0x0000000074B53000-memory.dmp
Filesize
8KB