Analysis

  • max time kernel
    294s
  • max time network
    357s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-11-2022 03:21

General

  • Target

    a9f64b8d0f9e36b105af14ea86b015354634dc6ecd3ef3198c07650573f891f6.exe

  • Size

    1.3MB

  • MD5

    2c6e002f87de4c5243d6e0aea423fcb8

  • SHA1

    4da1fc608b45e1077c15be62791e43dcb55de7e7

  • SHA256

    a9f64b8d0f9e36b105af14ea86b015354634dc6ecd3ef3198c07650573f891f6

  • SHA512

    d9334bcfd9996cfe0729ca42c7a9d50c0444f82d97425364883e763ad176cf4bd5ff2b847eac63f6b3493dbe9dac3bc9ca319adca4381f3bf0652be731abb9a4

  • SSDEEP

    24576:YfKf9qrhWQehAhcVdWhnOleV9rtENptZrAoQGcSODZD:zVqrhi+hcVdWhd7OfZFQbZD

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a9f64b8d0f9e36b105af14ea86b015354634dc6ecd3ef3198c07650573f891f6.exe
    "C:\Users\Admin\AppData\Local\Temp\a9f64b8d0f9e36b105af14ea86b015354634dc6ecd3ef3198c07650573f891f6.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1408

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads