Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    24-11-2022 07:32

General

  • Target

    f093ab6fb844a73273165997599c1e66012b6d2827ddeec6e957e680b36755ed.exe

  • Size

    935KB

  • MD5

    40d8d430ffe4490066e9d89a6892803a

  • SHA1

    4a2b84626a27d67d50f644e6d7ee7fbe6957d47a

  • SHA256

    f093ab6fb844a73273165997599c1e66012b6d2827ddeec6e957e680b36755ed

  • SHA512

    cd0777c562513f4e7dd7f155d2b0e80238da3c620087d4cbd47f8146b3d309b119803d38907029e84db7e74c7549f8e27b4e223c3d9122c2cf4f982b3d2d93a6

  • SSDEEP

    24576:9hKrgaIj+7bsYATkNU06QIFjzK5LJcpIF5ukriA0//cSAw:MoYATkXxIlzK5LJb5VrM/n

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f093ab6fb844a73273165997599c1e66012b6d2827ddeec6e957e680b36755ed.exe
    "C:\Users\Admin\AppData\Local\Temp\f093ab6fb844a73273165997599c1e66012b6d2827ddeec6e957e680b36755ed.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1096

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1096-54-0x0000000075211000-0x0000000075213000-memory.dmp

    Filesize

    8KB