Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-11-2022 17:04

General

  • Target

    6045ec95a1a261134c4fd73d32ed270d8a8e358cfacb484869f976f93b69b0c5.exe

  • Size

    1.3MB

  • MD5

    864cddd9174195014bb293aed534a462

  • SHA1

    dcd6dc059ee1b79965dd5b71b81d9e31d4b2c42d

  • SHA256

    6045ec95a1a261134c4fd73d32ed270d8a8e358cfacb484869f976f93b69b0c5

  • SHA512

    f4b9d698c049291715d0f28343a35a6a72d6cb6258e03e582e8b3e2e6411c6aee20f3f427427a1c650239be738c3dce0599513ebcec0309f5c0d4795c7a8073c

  • SSDEEP

    24576:iJLwHbSK5l/u0f7W67K7CMMUYX0wSsamZSATHu5AcSQmI:s8bSK/1f7W67K7CMMnk+XZcWI

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6045ec95a1a261134c4fd73d32ed270d8a8e358cfacb484869f976f93b69b0c5.exe
    "C:\Users\Admin\AppData\Local\Temp\6045ec95a1a261134c4fd73d32ed270d8a8e358cfacb484869f976f93b69b0c5.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1976-54-0x0000000075CF1000-0x0000000075CF3000-memory.dmp

    Filesize

    8KB