Overview

overview

7

Static

static

fa27751410...e8.exe

windows7-x64

7

fa27751410...e8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    181s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 09:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa277514108e03daaa4c340ac70a8281e08076220f8e029eff63bc49ec8496e8.exe

  • Size

    17KB

  • MD5

    b8b5015590ef55b4c7276024173fcbe5

  • SHA1

    9e249cee8c789b8db513fc48662cade2b4a71da4

  • SHA256

    fa277514108e03daaa4c340ac70a8281e08076220f8e029eff63bc49ec8496e8

  • SHA512

    2de777e8841a1a979376d74703845845b30e4f5cfc60bb6d68501af8363f8331d8b75018172f64a4e698e06be0919a8c52f5f8e906def378adf822baa804d784

  • SSDEEP

    384:ANRGleZythygKYgL46eR+Q6YK4G8pRaBKJG/dvzoIll:0RGleZythxNgL49+k7ucGloIll

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa277514108e03daaa4c340ac70a8281e08076220f8e029eff63bc49ec8496e8.exe
    "C:\Users\Admin\AppData\Local\Temp\fa277514108e03daaa4c340ac70a8281e08076220f8e029eff63bc49ec8496e8.exe"
    1⤵
      PID:2316
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2316 -s 1004
        2⤵
        • Program crash
        PID:4260
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 2316 -ip 2316
      1⤵
        PID:2832

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2316-132-0x0000000000B10000-0x0000000000B1A000-memory.dmp

        Filesize

        40KB

        Download