42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f | Triage

Submit
Reports

Overview

overview

Static

static

42d2c24e49...8f.exe

windows7-x64

42d2c24e49...8f.exe

windows10-2004-x64

7

Analysis

max time kernel
265s
max time network
276s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
25-11-2022 09:37

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe

Resource

win7-20220812-en

persistence spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe

Resource

win10v2004-20221111-en

spyware stealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe
Size

394KB
MD5

0c985eba4c824c943dfd05035bc4eef1
SHA1

f5ba7a99bc283a5cc527c9e978986e7efad1b4f0
SHA256

42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f
SHA512

3b69bbcd67456cfb326e432016d7c292746cb8ef5897ab2bb3322452b7424189713d944ee3f768cb8c320db805c6de1c634e980549c806d41724e02e07b43bd9
SSDEEP

3072:dSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbMtJyVdyw:ssqhJMxzJiU5SeLmNSbMtJU5

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Processes

C:\Users\Admin\AppData\Local\Temp\42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe
"C:\Users\Admin\AppData\Local\Temp\42d2c24e492154147631ad8360d730bc01bfb8e1f057563b5ba96fac199c438f.exe"
1⤵
PID:1160

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1160-132-0x0000000000400000-0x000000000042D000-memory.dmp

Filesize
180KB

Download

© 2018-2024

Terms | Privacy