Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23-11-2022 14:19

General

  • Target

    525ddbf0f98bb2b23939ba45459e60aaf1d81aa110e2cf88c6ceb61d0629e5c7.exe

  • Size

    937KB

  • MD5

    7bbff282d18fee109a21062ab8af7bf9

  • SHA1

    4ad647865dce1ddf3317bb9f47f7d8029ca1b120

  • SHA256

    525ddbf0f98bb2b23939ba45459e60aaf1d81aa110e2cf88c6ceb61d0629e5c7

  • SHA512

    bd04db9aa8a1b1da06c8c8c05054ed48b627875d583995ee70d30c30f4d2309af5fa914845beeacfe27d06e3da9b87b51b2932734cf52adfa4ec36fc064b0fe1

  • SSDEEP

    24576:Oj4YKC2ab1h/h9s99JLU8xwRhscqUqAASgCcSyej:tpCTbfh9sNLU8xwRXq78gSj

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials, etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\525ddbf0f98bb2b23939ba45459e60aaf1d81aa110e2cf88c6ceb61d0629e5c7.exe
    "C:\Users\Admin\AppData\Local\Temp\525ddbf0f98bb2b23939ba45459e60aaf1d81aa110e2cf88c6ceb61d0629e5c7.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:812

Network

MITRE ATT&CK Enterprise v6
