a08c8a0e9e0b9a9732fbfddce7f8cb98f7ed3869659d93ed608d09bd2fc67ece | Triage

Analysis

max time kernel
48s
max time network
52s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
10-10-2022 15:54

Sharing

Report Analysis Logs

General

Target

file.exe
Size

89KB
MD5

eb8e47404c816c2690be19d666580b34
SHA1

3134137ebebe56055b6622ee3ccffe669ff195ae
SHA256

a08c8a0e9e0b9a9732fbfddce7f8cb98f7ed3869659d93ed608d09bd2fc67ece
SHA512

d6cbd6024dfa75cb266a929b7f286fa06bd81541fce01815fd00ab714048ef847764b7532e0681aa1ff503003059e2901c3597bebcfb786a94fa09a58889f636
SSDEEP

1536:0VGzkJ2tuBkJtpmRdMLq5vEvM9eMWNUnEUO7mXRqP5Z3X2qqkQSSsW7zcdvFV2/n:0VGI1BCtcvMG5vEvMVEUO7gqRDqkQwvC

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
PID:1544

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1544-54-0x0000000075681000-0x0000000075683000-memory.dmp

Filesize
8KB

Download