Overview

overview

7

Static

static

2198b4840f...f5.exe

windows7-x64

7

2198b4840f...f5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    17s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2198b4840f4389e7bc9c301bd75225db95c169f43628ad766d0019cd380cf0f5.exe

  • Size

    937KB

  • MD5

    9c7f77ff0b9b23f2d67f3e5632a26790

  • SHA1

    b00fabc016a6f86b9fa3b3cc1fb92c449bd6bfd9

  • SHA256

    2198b4840f4389e7bc9c301bd75225db95c169f43628ad766d0019cd380cf0f5

  • SHA512

    686c3efaf1eca9a18bc72424c82be00831141e60b560d943bbeca3e325364b1249a289357470a6c59b5409783acfc5b6d42ee4918406548dc0c303efd90b7c9c

  • SSDEEP

    24576:Oj4YKC2ab1h/h9s99JLU8xwRhscqUqAASgCcSaej:tpCTbfh9sNLU8xwRXq78gSj

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2198b4840f4389e7bc9c301bd75225db95c169f43628ad766d0019cd380cf0f5.exe
    "C:\Users\Admin\AppData\Local\Temp\2198b4840f4389e7bc9c301bd75225db95c169f43628ad766d0019cd380cf0f5.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:832

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/832-54-0x0000000075291000-0x0000000075293000-memory.dmp

    Filesize

    8KB

    Download