Overview

overview

7

Static

static

a4b7782cd5...d9.exe

windows7-x64

7

a4b7782cd5...d9.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    53s
  • max time network
    56s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-10-2022 18:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4b7782cd50b921578533f1cc218b1bd2a0d339661817bc35ed9c1ffaf544ed9.exe

  • Size

    872KB

  • MD5

    8453b75e39aaa7328aca1c4569dc84e0

  • SHA1

    2114d687ae6b154fd0feec895c271fe62dbf6f30

  • SHA256

    a4b7782cd50b921578533f1cc218b1bd2a0d339661817bc35ed9c1ffaf544ed9

  • SHA512

    57e385bd095f11c5442b334a0b8718e2c4965da09419766de49f23724b5f7a013179e1734e68d126f99a3f5fa046af75539abeb22f0f7c149586e618e0436dd1

  • SSDEEP

    12288:iYFCEoNadKfLhfaeDTCbMU3/6bovBJ6rtkUgisADs/+tmqInPzEpYr+UMOxD+HbG:iYF93/zvj6rOADs/+tGPzE+VxqHXSj91

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4b7782cd50b921578533f1cc218b1bd2a0d339661817bc35ed9c1ffaf544ed9.exe
    "C:\Users\Admin\AppData\Local\Temp\a4b7782cd50b921578533f1cc218b1bd2a0d339661817bc35ed9c1ffaf544ed9.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1480

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1480-54-0x0000000076201000-0x0000000076203000-memory.dmp

    Filesize

    8KB

    Download