Analysis
-
max time kernel
40s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
23-11-2022 23:10
General
-
Target
7570d943d9292fae141baa054e71782c43fa6c7c14057d55ad73b23c53e375b3.exe
-
Size
2.6MB
-
MD5
8d985d7ec961e6a746ab3eee6ce32517
-
SHA1
9555defc109af984434a99844d5d1ece75e59055
-
SHA256
7570d943d9292fae141baa054e71782c43fa6c7c14057d55ad73b23c53e375b3
-
SHA512
6a8aef3e32c1cced25e1bcbea5aa25008b936f215a17aca606787201b51aafd1e01093b376a3e94f4deb0179d9f3c88d6be0b59e3d627c7839751643f2ac254f
-
SSDEEP
49152:qL1J765jXAdZyLDyKeVkjV8km1eT4OpPvdHuk73ajqyT+Y41:qH73dZyQA8LOpP1Hukzaj2
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension 3 IoCs
-
Drops file in System32 directory 4 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7570d943d9292fae141baa054e71782c43fa6c7c14057d55ad73b23c53e375b3.exe"C:\Users\Admin\AppData\Local\Temp\7570d943d9292fae141baa054e71782c43fa6c7c14057d55ad73b23c53e375b3.exe"1⤵
- Drops Chrome extension
- Drops file in System32 directory
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
644KB