Overview

overview

7

Static

static

5ab1666ee7...69.exe

windows7-x64

7

5ab1666ee7...69.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2022 11:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ab1666ee7307d68b5e52c398158be6fab059b86fa9ba466f6e929a907e58269.exe

  • Size

    961KB

  • MD5

    986cae7395ec06c39fd89c1fbf61400b

  • SHA1

    4c8689f84fd8e4aa50d5b05056e41ebb6be884f2

  • SHA256

    5ab1666ee7307d68b5e52c398158be6fab059b86fa9ba466f6e929a907e58269

  • SHA512

    6bf13c428dd2f3f86fb459ca13c28f8a87c275b8dedcdcb88b965889fb422d4fa9b957e45ee7e680406ae9d782144e9386bfda36e406d1d61832a59c31160773

  • SSDEEP

    24576:ikQ1aOCco82PkHsddUplpYE+JglzGWqVgjsaxZiAvS5cS0S:r/co82CsrUplpYEZ1BjsEZyl

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ab1666ee7307d68b5e52c398158be6fab059b86fa9ba466f6e929a907e58269.exe
    "C:\Users\Admin\AppData\Local\Temp\5ab1666ee7307d68b5e52c398158be6fab059b86fa9ba466f6e929a907e58269.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1940

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1940-54-0x0000000075B41000-0x0000000075B43000-memory.dmp

    Filesize

    8KB

    Download