Overview

overview

7

Static

static

90657be0c4...ee.exe

windows7-x64

7

90657be0c4...ee.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    78s
  • max time network
    202s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    28/11/2022, 05:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    90657be0c4e12ecab59a5f49c4d42c97dd19e04c4c2352b470bbd73c6098d3ee.exe

  • Size

    962KB

  • MD5

    f035636218ffa2943c4a83ebc1fa3dd9

  • SHA1

    7c18f86a3fb82260af9277c7f99b737fbed830a5

  • SHA256

    90657be0c4e12ecab59a5f49c4d42c97dd19e04c4c2352b470bbd73c6098d3ee

  • SHA512

    20707a96a3f405e3575935af58a66dc95aeddcf6e666f80f1b41c28c223b10838e78eec917b05b5a4832e65a30b9af260d9cb7caaab1b73bcb9828a301ca4260

  • SSDEEP

    24576:Ub3Mw0WK2EQLViZzRCIDPhUXtlq7qR8QBIZ5AxkcSdrZV:g3x0WKUoZzRCIDPn7+ZIZ80r

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\90657be0c4e12ecab59a5f49c4d42c97dd19e04c4c2352b470bbd73c6098d3ee.exe
    "C:\Users\Admin\AppData\Local\Temp\90657be0c4e12ecab59a5f49c4d42c97dd19e04c4c2352b470bbd73c6098d3ee.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1380

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1380-54-0x0000000075611000-0x0000000075613000-memory.dmp

          Filesize

          8KB

          Download