Resubmissions

05/11/2022, 23:54

221105-3xxcjsacd3 8

05/11/2022, 22:18

221105-17xd7acdgr 8

Analysis

  • max time kernel
    49s
  • max time network
    175s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win10-20220901-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    05/11/2022, 22:18

General

  • Target

    bf5f4010b29d7e6fe3a26ddae5c3288d64d106028a1a27ca84dfb506a9981148.exe

  • Size

    2.9MB

  • MD5

    5cf74a819ffcc72f48c24bb9055b7a75

  • SHA1

    7c2958db5baa3ceb999163450953f6cb0d70b9e9

  • SHA256

    bf5f4010b29d7e6fe3a26ddae5c3288d64d106028a1a27ca84dfb506a9981148

  • SHA512

    72b88db02cfd2ddfb3b5e4cd7dd03a2b470e02052524aa3f05153021f123625b3853a9639e3a06ce66173c1b3e4e062938ebc05c70d9ace05b9cd0a22eb0f577

  • SSDEEP

    49152:9WtGhOnCbEpfRrhTCZV0fihoc51OqVulsPDzZlZLK1xTkR5lRfD+u5jfDJKINpYP:9WtG4WYRsXQS7en0/Zlsx6lRfD5F7fYP

Score
8/10

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf5f4010b29d7e6fe3a26ddae5c3288d64d106028a1a27ca84dfb506a9981148.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\bf5f4010b29d7e6fe3a26ddae5c3288d64d106028a1a27ca84dfb506a9981148.exe"
    PID: 3048

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/3048-117-0x00000000009C0000-0x0000000001190000-memory.dmp
    Filesize: 7.8MB