Overview

overview

10

Static

static

winprofile

windows7_x64

10

winprofile

windows10_x64

10

Analysis

  • max time kernel
    52s
  • max time network
    186s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    21-06-2022 03:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a25fd13894644550fa9ca60a046813031e5189d4abe4bbd68ed9e6dcfc85d698.exe

  • Size

    7.1MB

  • MD5

    3f6a84da68d75bc0534974f46f2d5acc

  • SHA1

    71b99507ca40382d0073f6ee7b8f515b11a2ae64

  • SHA256

    a25fd13894644550fa9ca60a046813031e5189d4abe4bbd68ed9e6dcfc85d698

  • SHA512

    291fa44df9aea643ffd483f8b4d35cb5b985d0ff29a1dabf86ce8b87144ad792183433e4e4d0a7b2f9c15ef91b17f995687f447bd9c4e8e63594d38cfff35dd4

Score
10/10
recordbreakerstealersuricata

Malware Config

Signatures

  • Raccoon ver2 3 IoCs

    Raccoon ver2.

  • RecordBreaker

    RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.

    stealerrecordbreaker
  • suricata: ET MALWARE Generic Stealer Config Download Request

    suricata: ET MALWARE Generic Stealer Config Download Request

    suricata
  • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a25fd13894644550fa9ca60a046813031e5189d4abe4bbd68ed9e6dcfc85d698.exe
    "C:\Users\Admin\AppData\Local\Temp\a25fd13894644550fa9ca60a046813031e5189d4abe4bbd68ed9e6dcfc85d698.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1120-118-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-119-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-120-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-121-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-122-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-123-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-124-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-125-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-126-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-127-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-128-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-129-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-130-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-131-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-132-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-133-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-134-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-135-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-136-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-137-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-138-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-139-0x00000000013C0000-0x0000000001EE6000-memory.dmp

    Filesize

    11.1MB

    Download

  • memory/1120-141-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-142-0x00000000013C0000-0x0000000001EE6000-memory.dmp

    Filesize

    11.1MB

    Download

  • memory/1120-143-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-144-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-145-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-146-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-147-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-148-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-149-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-150-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-151-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-152-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-153-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-154-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-155-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-156-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-157-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-158-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-159-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-160-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-161-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-162-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-163-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-164-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-165-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-166-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-167-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-168-0x00000000775D0000-0x000000007775E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-169-0x00000000013C0000-0x0000000001EE6000-memory.dmp

    Filesize

    11.1MB

    Download