Analysis
max time kernel: 43s
max time network: 49s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 11/10/2022, 16:05
Static task: static1
Behavioral task: behavioral1
Sample: 3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
Resource: win7-20220812-en
General
Target: 3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
Size: 744KB
MD5: 628e568af6a527df8dcd8f5a9da181e0
SHA1: 7c524756c233469b31a0425263d693c6a627666f
SHA256: 3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835
SHA512: ee491882439ea4b45dba2e758f56513804d1fd92f32242e661e62d72aef8039e4c16864dd501f86c4f897c4b93ece29386d26f229744009851fcb0d3f6adc173
SSDEEP: 12288:Yt75UAetXLp8gY+EbGaAOwSpUX9ZnVWrJlV2jY9s1Z9wBQudwBpmeR8aB:YtGht1SbsX9ZylV2Z1TwBQdXB
Malware Config
Signatures
Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.
Checks installed software on the system (1 TTP)
Looks up entries under the registry Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate the software installed on the system.
Suspicious behavior: EnumeratesProcesses (4 IoCs)
pid   Process
1632  3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
1632  3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
1632  3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
1632  3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe
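The three signatures above name behaviors but not the evidence they fired on. As an added example (not output of the sandbox and not part of this report), the Python below re-derives those three signature categories from a constructed API trace of (pid, image, operation, target) tuples, the shape a hooking sandbox typically records. The trace itself, the registry and browser-store path patterns, the list of process-enumeration APIs and the helper names classify, scan and report are all assumptions made for illustration; the pid and image name are reused from the report above only as labels.

```python
"""Re-derive the three signature categories above from a constructed API trace."""
import re
from collections import defaultdict

PID = 1632
IMAGE = "3efd63c7da190e67a29e1882cfa9f427d5e25d3ba834a8af3fe48162add39835.exe"

# Constructed trace (not sandbox output): calls in the order an infostealer
# might make them, plus two benign records that must not match.
TRACE = [
    (PID, IMAGE, "RegOpenKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (PID, IMAGE, "RegEnumKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    (PID, IMAGE, "RegOpenKeyExW", r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    (PID, IMAGE, "CreateFileW", r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (PID, IMAGE, "CreateFileW", r"C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default\logins.json"),
    (PID, IMAGE, "CreateToolhelp32Snapshot", "TH32CS_SNAPPROCESS"),
    (PID, IMAGE, "Process32NextW", ""),
    (PID, IMAGE, "Process32NextW", ""),
    (PID, IMAGE, "Process32NextW", ""),
    (PID, IMAGE, "CreateFileW", r"C:\Users\Admin\Desktop\notes.txt"),                    # benign file read
    (4321, "explorer.exe", "RegOpenKeyExW", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"),  # benign key
]

# Uninstall key under HKLM, HKLM\...\WOW6432Node or HKCU: match the common tail.
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)

# Credential / cookie stores of Chromium-based browsers and Firefox.
BROWSER_STORE = re.compile(
    r"\\(Google\\Chrome\\User Data|Microsoft\\Edge\\User Data|Mozilla\\Firefox\\Profiles)\\"
    r".*\\(Login Data|Cookies|Web Data|logins\.json|key4\.db|cookies\.sqlite)$",
    re.I,
)

# Win32 / native APIs used to walk the process list.
PROCESS_ENUM_APIS = {
    "CreateToolhelp32Snapshot", "Process32First", "Process32FirstW",
    "Process32Next", "Process32NextW", "EnumProcesses", "NtQuerySystemInformation",
}


def classify(op, target):
    """Map one API call to a signature name, or None when it is not interesting."""
    if op.startswith("Reg") and UNINSTALL_KEY.search(target):
        return "Checks installed software on the system"
    if op.startswith("CreateFile") and BROWSER_STORE.search(target):
        return "Reads user/profile data of web browsers"
    if op in PROCESS_ENUM_APIS:
        return "Suspicious behavior: EnumeratesProcesses"
    return None


def scan(trace):
    """Return {signature: {(pid, image): [evidence, ...]}} over the whole trace."""
    hits = defaultdict(lambda: defaultdict(list))
    for pid, image, op, target in trace:
        sig = classify(op, target)
        if sig:
            # For calls without a path argument, the API name itself is the evidence.
            hits[sig][(pid, image)].append(target or op)
    return {sig: dict(procs) for sig, procs in hits.items()}


def report(trace):
    """Render hits in the 'signature (N IoCs) / pid / process' layout used above."""
    lines = []
    for sig, procs in scan(trace).items():
        for (pid, image), evidence in procs.items():
            lines.append(f"{sig} ({len(evidence)} IoCs) pid={pid} {image}")
            lines.extend(f"    {e}" for e in evidence)
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(TRACE))
```

Per-process grouping matters here: the same sample can be flagged once per call, so the evidence list under each (pid, image) is what distinguishes one scripted enumeration from a process that merely touched one key. Tightening BROWSER_STORE to the file names rather than the whole profile directory keeps ordinary cache and preference writes from a real browser out of the "reads browser data" bucket.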