Analysis
max time kernel: 150s
max time network: 183s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02-10-2022 09:46
Static task: static1
Behavioral task: behavioral1
Sample: 9be93375405fd356c40a3a2daac264144cb6de3a5185b254b2d8e56d7522a58a.exe
Resource: win7-20220812-en
General
Target: 9be93375405fd356c40a3a2daac264144cb6de3a5185b254b2d8e56d7522a58a.exe
Size: 520KB
MD5: 611f5b66a155f86f12de370af3217427
SHA1: 443d2575a6889674418c89ddb2a492ea6bbfbbb8
SHA256: 9be93375405fd356c40a3a2daac264144cb6de3a5185b254b2d8e56d7522a58a
SHA512: 09f5cbd0279e24cc2550e34fe3cc8acb20da77de8b2d5ac7d06bf8b94935827a1ca4dc37dbea6e9d92f3796415ed39e423ebdb2a482e4dd5b68cce4522de0ee0
SSDEEP: 12288:i0m3blK36QhuIOyFHxlAaO8ye3/+raBKraB:k3blO6NWTlAaO8yLraBKraB
Malware Config
Signatures
Reads data files stored by FTP clients (2 TTPs)
Tries to access configuration files associated with programs like FileZilla.

Reads local data of messenger clients (2 TTPs)
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.