b8d9ac5134f9380e2332fd1bb4439487da98f39c50dd5644cc46327c917f6380 | Triage

Analysis

max time kernel
51s
max time network
181s
platform
windows10-1703_x64
resource
win10-20220901-en
resource tags

arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
submitted
27/11/2022, 22:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b8d9ac5134f9380e2332fd1bb4439487da98f39c50dd5644cc46327c917f6380.exe
Size

7.5MB
MD5

ac5416a949d25ebbb1a1d6387955601a
SHA1

3fa3b14a5a3cafed070162b5b5ab588f1fbedf56
SHA256

b8d9ac5134f9380e2332fd1bb4439487da98f39c50dd5644cc46327c917f6380
SHA512

89a1fabc22930f563c1a970723eb6bf227713f5ac0d04d2a39628ad7c7eeab1292c6f384216f7e430fe5354f8b728245f1abd95e8a892f9a094d7987b98181c6
SSDEEP

98304:0vhd+e/nIKFrPpRqe8k/IIDokEXwWy2EpusiF:ahdz/nNxTqxk/IIDokEXwWyzAsm

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

C:\Users\Admin\AppData\Local\Temp\b8d9ac5134f9380e2332fd1bb4439487da98f39c50dd5644cc46327c917f6380.exe
"C:\Users\Admin\AppData\Local\Temp\b8d9ac5134f9380e2332fd1bb4439487da98f39c50dd5644cc46327c917f6380.exe"
1⤵
PID:4264

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads