Overview

overview

10

Static

static

10

winprofile

windows7_x64

10

winprofile

windows10_x64

10

Analysis

  • max time kernel
    303s
  • max time network
    308s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    21/06/2022, 03:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    494df1513b13c70b1472282b80bdf1a9399ae0d16a90275a5c9fe7cfda6afd0d.exe

  • Size

    7.5MB

  • MD5

    54e884a1b12fec5e6beaa3a3fc431bee

  • SHA1

    e7f866afe8e34c722f8dbc5057e47856e37fa0ff

  • SHA256

    494df1513b13c70b1472282b80bdf1a9399ae0d16a90275a5c9fe7cfda6afd0d

  • SHA512

    863de15037dd1ef165387c3f8a7aaa4526aba11e2fbc4ef1e15c3b2f7c768ca154c35724b5ab5e8ad6a37e30959d19cb09e7d0a63fc9f78f730a00a79307c702

Score
10/10
recordbreakerstealersuricata

Malware Config

Signatures

  • Raccoon ver2 3 IoCs

    Raccoon ver2.

  • RecordBreaker

    RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.

    stealerrecordbreaker
  • suricata: ET MALWARE Generic Stealer Config Download Request

    suricata: ET MALWARE Generic Stealer Config Download Request

    suricata
  • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

    suricata
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\494df1513b13c70b1472282b80bdf1a9399ae0d16a90275a5c9fe7cfda6afd0d.exe
    "C:\Users\Admin\AppData\Local\Temp\494df1513b13c70b1472282b80bdf1a9399ae0d16a90275a5c9fe7cfda6afd0d.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2264-117-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-118-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-119-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-120-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-121-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-122-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-123-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-124-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-125-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-126-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-127-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-128-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-129-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-130-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-131-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-132-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-133-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-134-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-135-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-136-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-137-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-138-0x0000000000FB0000-0x0000000001737000-memory.dmp

    Filesize

    7.5MB

    Download

  • memory/2264-139-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-140-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-141-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-142-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-143-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-144-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-145-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-146-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-147-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-148-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-149-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-150-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-151-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-152-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-153-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-154-0x0000000000FB0000-0x0000000001737000-memory.dmp

    Filesize

    7.5MB

    Download

  • memory/2264-155-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-156-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-157-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-158-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-159-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-160-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-161-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-162-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-163-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-164-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-165-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-166-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2264-167-0x0000000000FB0000-0x0000000001737000-memory.dmp

    Filesize

    7.5MB

    Download