Analysis

  • max time kernel
    40s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    22/11/2022, 01:08

General

  • Target

    baf6521af25591f7b24abb2267a303271f843f4a76c4f11392c0141b02482a83.exe

  • Size

    937KB

  • MD5

    00ee85d216a8c5633d3db6979746be6d

  • SHA1

    7adb71cd6576c6ad4f960e032d6cf39aa7cc27b3

  • SHA256

    baf6521af25591f7b24abb2267a303271f843f4a76c4f11392c0141b02482a83

  • SHA512

    b34953ae6b19628c6aa0cf983d88d68f9b414f500cefd126d534900d66f539352a3f9b829a3be495d3b2e5b4e37e7db74263ae807e5dc6a8e6e53b41db23d429

  • SSDEEP

    24576:S/6NgZyGGZAim8giQ3UA/0TIRKb0gJAvaAtmSJcSUJEh:ybZfGZARViQkA/0TIR3gGvtxNh

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\baf6521af25591f7b24abb2267a303271f843f4a76c4f11392c0141b02482a83.exe
    "C:\Users\Admin\AppData\Local\Temp\baf6521af25591f7b24abb2267a303271f843f4a76c4f11392c0141b02482a83.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1504

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1504-54-0x00000000768A1000-0x00000000768A3000-memory.dmp

    Filesize

    8KB