f45ec0aebced3abf1c729056d66cb5482f0734be32a0a10b0d5f34ed1c13a2ed | Triage

Analysis

max time kernel
52s
max time network
170s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
15/09/2022, 10:27

Sharing

Report Analysis Logs

General

Target

f45ec0aebced3abf1c729056d66cb5482f0734be32a0a10b0d5f34ed1c13a2ed.exe
Size

7.5MB
MD5

1c1e7b8f65f6c633a24f5673925a414e
SHA1

d8db6f9d7c55de9510b55bb312673a31c8d2f8c6
SHA256

f45ec0aebced3abf1c729056d66cb5482f0734be32a0a10b0d5f34ed1c13a2ed
SHA512

896854daf4fd5df8fb7f3bb2076371268a59f1d2e5655e70abdc5096378ac90c74bdb84cc9638acdc71e990ac4a3149f75dd0cddb3c3326156b13b9c24579cda
SSDEEP

49152:2d/2DoUmNZtcWrb/TFvO90d7HjmAFd4A64nsfJd4Za3QR6AJqJHyA3vGEZmr6Gvu:fmNZ+gA3dpA+WmGWwtE8wPi

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

C:\Users\Admin\AppData\Local\Temp\f45ec0aebced3abf1c729056d66cb5482f0734be32a0a10b0d5f34ed1c13a2ed.exe
"C:\Users\Admin\AppData\Local\Temp\f45ec0aebced3abf1c729056d66cb5482f0734be32a0a10b0d5f34ed1c13a2ed.exe"
1⤵
PID:2772

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads