Overview

overview

10

Static

static

10

winprofile

windows7_x64

10

winprofile

windows10_x64

10

Analysis

  • max time kernel
    52s
  • max time network
    180s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    21/06/2022, 03:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99834c9981535b584040fef84af159e5e584927aac4a6a57001ba5ecf1e869c4.exe

  • Size

    7.4MB

  • MD5

    22d27186a79cfc261d19611645c0c4f1

  • SHA1

    a87f22dba40c522889764dfb1aeafe2096d929d3

  • SHA256

    99834c9981535b584040fef84af159e5e584927aac4a6a57001ba5ecf1e869c4

  • SHA512

    a93dff567253395f7073b49c319f5b6fefed34f6a1e0907280baf2623d6dd4ba8f1eee407620480c3a568340e6b964cad1e3e8d38c57ac4118c9d2343f05225c

Score
10/10
recordbreakerstealersuricata

Malware Config

Signatures

  • Raccoon ver2 3 IoCs

    Raccoon ver2.

  • RecordBreaker

    RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.

    stealerrecordbreaker
  • suricata: ET MALWARE Generic Stealer Config Download Request

    suricata: ET MALWARE Generic Stealer Config Download Request

    suricata
  • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\99834c9981535b584040fef84af159e5e584927aac4a6a57001ba5ecf1e869c4.exe
    "C:\Users\Admin\AppData\Local\Temp\99834c9981535b584040fef84af159e5e584927aac4a6a57001ba5ecf1e869c4.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2476-117-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-118-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-119-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-120-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-121-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-122-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-123-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-124-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-125-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-126-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-127-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-128-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-129-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-130-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-131-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-132-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-133-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-134-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-135-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-136-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-137-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-138-0x00000000010E0000-0x0000000001846000-memory.dmp

    Filesize

    7.4MB

    Download

  • memory/2476-139-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-140-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-141-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-142-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-143-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-144-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-145-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-146-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-147-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-148-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-149-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-150-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-151-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-152-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-153-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-154-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-155-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-156-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-157-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-158-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-159-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-160-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-161-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-162-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-163-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-164-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-165-0x0000000076F40000-0x00000000770CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2476-166-0x00000000010E0000-0x0000000001846000-memory.dmp

    Filesize

    7.4MB

    Download

  • memory/2476-167-0x00000000010E0000-0x0000000001846000-memory.dmp

    Filesize

    7.4MB

    Download