Overview

overview

7

Static

static

62d66749df...d3.exe

windows7-x64

7

62d66749df...d3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    78s
  • max time network
    107s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62d66749dff85e85e28c6e3cd54e6c5ba85a3be585ae59d9dcd75b7f075731d3.exe

  • Size

    1.3MB

  • MD5

    99a6dba424739a1991bdb9eb3bbb5ff5

  • SHA1

    39cba496126024ffb2cbc87902edddf8c4f65451

  • SHA256

    62d66749dff85e85e28c6e3cd54e6c5ba85a3be585ae59d9dcd75b7f075731d3

  • SHA512

    c148a6c27f28276efd758b2399ee19dec6c6eee9e411b22238b0ec1ee71c967d5fd6a8c3a8c1089897d3c78be05104c5b97e451fd89e7071d84a78fc5e8a2541

  • SSDEEP

    24576:5ZVRmsPJt+vRECi67v1yFN2F2KhZhLVZSAJAcSGZM:1PJt+OCi67v1yFNFKN5ZRr

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\62d66749dff85e85e28c6e3cd54e6c5ba85a3be585ae59d9dcd75b7f075731d3.exe
    "C:\Users\Admin\AppData\Local\Temp\62d66749dff85e85e28c6e3cd54e6c5ba85a3be585ae59d9dcd75b7f075731d3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:596

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/596-54-0x0000000075701000-0x0000000075703000-memory.dmp

    Filesize

    8KB

    Download