Overview

overview

7

Static

static

baa39303a9...99.exe

windows7-x64

7

baa39303a9...99.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    48s
  • max time network
    61s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2022, 06:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    baa39303a9379f315a721e237f91421910f782dcdffeaf15cf9ce4f5e6a52e99.exe

  • Size

    937KB

  • MD5

    6ea71566d44bc54a03b5e48540ac3c73

  • SHA1

    e80bfc106cf747c8648f7df4afb52bb47dc17912

  • SHA256

    baa39303a9379f315a721e237f91421910f782dcdffeaf15cf9ce4f5e6a52e99

  • SHA512

    da5e6502c9ef8d987079672fba6eaae49ebbc97ba36939f3b9e82a256c7d04f2576993d7af9af5224cf7fdea36b0072743157b74bf152051852bc5ae3238743a

  • SSDEEP

    24576:S/6NgZyGGZAim8giQ3UA/0TIRKb0gJAvaAtmSJcSPJEh:ybZfGZARViQkA/0TIR3gGvtxsh

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\baa39303a9379f315a721e237f91421910f782dcdffeaf15cf9ce4f5e6a52e99.exe
    "C:\Users\Admin\AppData\Local\Temp\baa39303a9379f315a721e237f91421910f782dcdffeaf15cf9ce4f5e6a52e99.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/560-54-0x0000000075D01000-0x0000000075D03000-memory.dmp

    Filesize

    8KB

    Download