Analysis

  • max time kernel
    36s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 12:58

General

  • Target

    d9152c3c1bce287fec229da81064135b3b679aab0df0f0668501a9cf3f8f93ff.exe

  • Size

    937KB

  • MD5

    058f786d8d8395fdacc60079187fde2a

  • SHA1

    8e74c2f511fee644f58aa2b8da6a8c7c375724bd

  • SHA256

    d9152c3c1bce287fec229da81064135b3b679aab0df0f0668501a9cf3f8f93ff

  • SHA512

    4c506dcb2076d06c6e0acb14fc6a1ecaa961f0b4203c2dd55dd2ddadcc705cbc84f55fba2322c3134cc7fa70882b747c2474ae8e39af659a6f962e3148799950

  • SSDEEP

    24576:Oj4YKC2ab1h/h9s99JLU8xwRhscqUqAASgCcS7ej:tpCTbfh9sNLU8xwRXq78g9j

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d9152c3c1bce287fec229da81064135b3b679aab0df0f0668501a9cf3f8f93ff.exe
    "C:\Users\Admin\AppData\Local\Temp\d9152c3c1bce287fec229da81064135b3b679aab0df0f0668501a9cf3f8f93ff.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1608

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1608-54-0x0000000075A91000-0x0000000075A93000-memory.dmp

    Filesize

    8KB