Analysis
- max time kernel: 90s
- max time network: 153s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 16/06/2022, 16:33
Static task: static1
Behavioral task: behavioral1
- Sample: 325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: 325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
- Resource: win10v2004-20220414-en
General
- Target: 325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
- Size: 7.5MB
- MD5: 63095df1fdd014bbcc8ee4563d215f2f
- SHA1: 0ba65b6581ac11faef4bab7bad6d392b52939bbf
- SHA256: 325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d
- SHA512: 3a018b7f1f29350487d7ad03b40f6c509b476838423fab5200a932a938da28bb32ded62ecfd9348c357c8e37d735c5d4c804626c7ba315951a3d7520ac27c5c7
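Before attributing findings from this report to a file you are holding, confirm that the file actually is this sample: all four listed digests should match. The script below is an added example for that check; it is not part of the sandbox report. It hashes a file once for MD5, SHA1, SHA256 and SHA512 and reports exactly which digests disagree with the report. The expected values are copied from the General section above; the real sample is not available here, so the demo run hashes a constructed placeholder file and shows how a non-matching file is reported.

```python
"""Verify a local file against the digests listed in the sandbox report."""
import hashlib
import os
import tempfile

# Digests copied from the General section of the report above.
REPORT_DIGESTS = {
    "md5": "63095df1fdd014bbcc8ee4563d215f2f",
    "sha1": "0ba65b6581ac11faef4bab7bad6d392b52939bbf",
    "sha256": "325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d",
    "sha512": (
        "3a018b7f1f29350487d7ad03b40f6c509b476838423fab5200a932a938da28bb"
        "32ded62ecfd9348c357c8e37d735c5d4c804626c7ba315951a3d7520ac27c5c7"
    ),
}

# Constructed placeholder content used only for the stand-alone demo; it is
# NOT the malware sample and will not match the report.
CONSTRUCTED_SAMPLE = b"placeholder bytes, not the RecordBreaker sample\x00" * 2048


def digest_file(path, algorithms=("md5", "sha1", "sha256", "sha512"),
                chunk_size=1 << 20):
    """Compute all requested digests in a single pass over the file.

    Reading the file once and feeding every hasher the same chunk avoids
    re-reading a multi-megabyte sample once per algorithm.
    """
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_sample(path, expected=REPORT_DIGESTS):
    """Compare a file's digests with the expected set.

    Returns a dict with "ok" (True only if every listed digest matches),
    "mismatches" mapping algorithm -> (expected, actual) for each failure,
    and "actual" holding every computed digest for the analyst's notes.
    """
    actual = digest_file(path, tuple(expected))
    mismatches = {
        alg: (expected[alg].lower(), actual[alg])
        for alg in expected
        if expected[alg].lower() != actual[alg]
    }
    return {"ok": not mismatches, "mismatches": mismatches, "actual": actual}


def make_constructed_file(data=CONSTRUCTED_SAMPLE):
    """Write the constructed placeholder bytes to a temp file; return its path."""
    fd, path = tempfile.mkstemp(suffix=".bin")
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


if __name__ == "__main__":
    path = make_constructed_file()
    try:
        result = verify_sample(path)
        print("match:", result["ok"])
        for alg, (want, got) in result["mismatches"].items():
            print(f"  {alg}: report={want} file={got}")
    finally:
        os.remove(path)
```

Run it against the real file with `verify_sample("/path/to/325b636c...exe")`; any single mismatch means the file is not the one analysed here, even if the file name matches. Comparing only MD5 is not enough for a malware sample, since MD5 collisions are practical; the SHA256 in the report is the identifier to key on.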
Malware Config
Signatures
- RecordBreaker
  RecordBreaker is an information stealer, written in C++, that is also capable of downloading and executing secondary payloads.
- suricata: ET MALWARE Generic Stealer Config Download Request
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
- Suspicious use of NtSetInformationThreadHideFromDebugger (2 IoCs)
  pid   Process
  1436  325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
  1436  325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  pid   Process
  1436  325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
  1436  325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
Processes
- Image: C:\Users\Admin\AppData\Local\Temp\325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\325b636c441ba00adae199f307b02cfa3e13fb8f60cd75260e2af3b2876cf03d.exe"
  PID: 1436
  - Suspicious use of NtSetInformationThreadHideFromDebugger
  - Suspicious behavior: EnumeratesProcesses