Analysis
-
max time kernel
91s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20220721-en -
resource tags
-
submitted
25-07-2022 07:25
General
-
Target
595142ac0ecaf32e5cd9a477f440bac99b52dcc6c2fa083424d5007fdf0caeec.exe
-
Size
2.3MB
-
MD5
09e7df1b7af441df97311eb490cf6253
-
SHA1
71542eba588e5500118a46e6918f6b19f9e69b66
-
SHA256
595142ac0ecaf32e5cd9a477f440bac99b52dcc6c2fa083424d5007fdf0caeec
-
SHA512
3ffa81253d97ba5317385fbe635038f81ef6b7f50d17c5ab868efb194d0185cc8bc0e2a4ceb576705bc0c9a066df54f7c0ac18ea332f1aa93a51c60fa9d353aa
Score
10/10
Malware Config
Signatures
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
GoLang User-Agent 1 IoCs
Uses default user-agent string defined by GoLang HTTP packages.
Processes
-
C:\Users\Admin\AppData\Local\Temp\595142ac0ecaf32e5cd9a477f440bac99b52dcc6c2fa083424d5007fdf0caeec.exe"C:\Users\Admin\AppData\Local\Temp\595142ac0ecaf32e5cd9a477f440bac99b52dcc6c2fa083424d5007fdf0caeec.exe"1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4520-130-0x00007FF7C1180000-0x00007FF7C18DA000-memory.dmpFilesize
7.4MB
-
memory/4520-131-0x00007FF7C1180000-0x00007FF7C18DA000-memory.dmpFilesize
7.4MB