Analysis
-
max time kernel
91s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
30-10-2022 07:47
General
-
Target
f86ba839bd0404d8c5bb314cc859c06034a0798563e99292a612c08a0c29cfe2.exe
-
Size
340KB
-
MD5
93394d68bb356a0e5f6a99eeed4000d7
-
SHA1
b00228891188582c692de58b282cc57cf2464081
-
SHA256
f86ba839bd0404d8c5bb314cc859c06034a0798563e99292a612c08a0c29cfe2
-
SHA512
5256b6bbef11b7901c03d93d811160bdb7f0f1aceda502638cada7002952e69a0105cc271d63ac1c681236535217aceefc40c91b343e78578ae5939a96f8c737
-
SSDEEP
6144:c5KL9R/OYrxWTdPDchAEuGOeXGcYJP+a1IGGLsd5bKNDBiS4sbjdx+T:cML9R/OnBYSpmXGcYJPN1IGGgdQfL6T
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Processes
-
C:\Users\Admin\AppData\Local\Temp\f86ba839bd0404d8c5bb314cc859c06034a0798563e99292a612c08a0c29cfe2.exe"C:\Users\Admin\AppData\Local\Temp\f86ba839bd0404d8c5bb314cc859c06034a0798563e99292a612c08a0c29cfe2.exe"1⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
364KB
-
Filesize
364KB
-
Filesize
16KB
-
Filesize
228KB