Analysis

  • max time kernel
    91s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23-11-2022 11:43

General

  • Target

    e78f21d5ba858d7f1aa2ebbfbd34d425a9ca399b9edd73f36084f82eff948a22.exe

  • Size

    935KB

  • MD5

    66dab1a7713f6cd6caa6ab3a0f79be4b

  • SHA1

    1beb855608589e19681cc90079581637d354ea5f

  • SHA256

    e78f21d5ba858d7f1aa2ebbfbd34d425a9ca399b9edd73f36084f82eff948a22

  • SHA512

    3b32a65832982294b2a7bc99ca183a3baacfb500b63fe3bab7fadfc91f75f6e2f9eccb4d02980c5f91b7862e5f6b39d14af48d8ead36de3e3d228efc9cccb253

  • SSDEEP

    24576:9hKrgaIj+7bsYATkNU06QIFjzK5LJcpIF5ukriA0//cSlw:MoYATkXxIlzK5LJb5VrM/O

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e78f21d5ba858d7f1aa2ebbfbd34d425a9ca399b9edd73f36084f82eff948a22.exe
    "C:\Users\Admin\AppData\Local\Temp\e78f21d5ba858d7f1aa2ebbfbd34d425a9ca399b9edd73f36084f82eff948a22.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4432

Network

MITRE ATT&CK Enterprise v6
