Analysis

  • max time kernel
    151s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/11/2022, 12:51

General

  • Target

    298202d426189b5005067671ce9a30ec6e652fd89d841ccbd195b34d6f020a3f.exe

  • Size

    973KB

  • MD5

    96b749f6a6505128c23f6084f93a271c

  • SHA1

    40371803e95bb15260a8ff54eb5be7b8d6beef32

  • SHA256

    298202d426189b5005067671ce9a30ec6e652fd89d841ccbd195b34d6f020a3f

  • SHA512

    681797285a684059643802b6d79354d6fe4555945d81ed5dd60d7d179f98dfa59f3f18f3b889507882dac9e0ea87218d47ba626b576ea7ccad4c1469d36a943e

  • SSDEEP

    24576:K+wU+0GRJBMyaosJdRnPUKGh6qltQpoRGbkZMA0uSrr27wH5:IR0GRJ5RsBPUKGhtQugkZOya5

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\298202d426189b5005067671ce9a30ec6e652fd89d841ccbd195b34d6f020a3f.exe
    "C:\Users\Admin\AppData\Local\Temp\298202d426189b5005067671ce9a30ec6e652fd89d841ccbd195b34d6f020a3f.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4808

Network

MITRE ATT&CK Enterprise v6
