Analysis
max time kernel: 146s
max time network: 154s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 21-03-2023 14:39
Static task: static1
Behavioral task: behavioral1
Sample: 554dbb9a2d3a6a1ec7059dff09ae50968142b1edfd12114a966b0c940987e212.exe
Resource: win7-20230220-en
General
Target: 554dbb9a2d3a6a1ec7059dff09ae50968142b1edfd12114a966b0c940987e212.exe
Size: 855KB
MD5: bbf51befc3845103afe1886b87cb83f3
SHA1: bb46030f8cb631a931b5a9abc402128dee658df2
SHA256: 554dbb9a2d3a6a1ec7059dff09ae50968142b1edfd12114a966b0c940987e212
SHA512: ad4ce49d1bd5a0c8eb4e25a36f43efa54b92a15408832aec825d900be9027b7e435694a83044565b5dd4ddd0671da8013798b1895ba3681ec7beb81459625787
SSDEEP: 24576:3+jKVyjN9tiqrIySjKQ8msZasS8fU3wfi:3WjN9ti2wj8ju8Mgfi
Malware Config
Signatures
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials, cookies and form data.
- Accesses cryptocurrency files/wallets, possible credential harvesting (2 TTPs)
- Checks installed software on the system (1 TTP)
  Looks up Uninstall key entries in the registry to enumerate software on the system.
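The three signatures above describe file and registry access patterns rather than a specific indicator, so the practical check on the defender's side is a rule over process-monitor style events. The script below is an added example written for this page, not the sandbox's own signature logic: it scans constructed log lines of the form pid|process|operation|path (the log format and every path in it are made up for the example) and tags a process that opens well-known browser credential stores (Chromium's "Login Data"/"Web Data"/"Cookies", Firefox's logins.json/key4.db), touches common wallet locations (Bitcoin Core wallet.dat, Electrum, Exodus, Ethereum keystore), or queries several subkeys under HKLM\SOFTWARE\...\CurrentVersion\Uninstall. The subkey threshold of three is an arbitrary choice for the example.

```python
"""Tag infostealer-style behaviour (browser stores, wallets, Uninstall-key enumeration)
in process-monitor style log lines. Added example; not the sandbox's signature engine."""
import re
from collections import defaultdict

# Constructed sample log (not taken from the report): pid|process|operation|path
SAMPLE_LOG = """\
624|sample.exe|CreateFile|C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data
624|sample.exe|CreateFile|C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\x1y2.default\\logins.json
624|sample.exe|CreateFile|C:\\Users\\user\\AppData\\Roaming\\Bitcoin\\wallet.dat
624|sample.exe|CreateFile|C:\\Users\\user\\AppData\\Roaming\\Electrum\\wallets\\default_wallet
624|sample.exe|RegEnumKey|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall
624|sample.exe|RegQueryValue|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\App1\\DisplayName
624|sample.exe|RegQueryValue|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\App2\\DisplayName
624|sample.exe|RegQueryValue|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\App3\\DisplayName
624|sample.exe|RegQueryValue|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\App4\\DisplayName
1200|explorer.exe|CreateFile|C:\\Users\\user\\Documents\\notes.txt
1200|explorer.exe|RegOpenKey|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\App1
"""

# Well-known browser credential/cookie store file names (Chromium and Firefox).
BROWSER_STORES = {"login data", "web data", "cookies", "logins.json", "key4.db", "cookies.sqlite"}
# Common wallet file/directory markers; matched as substrings of the lower-cased path.
WALLET_MARKERS = ("\\wallet.dat", "\\electrum\\", "\\exodus\\", "\\ethereum\\keystore\\")
# Captures the per-application subkey under the Uninstall key (both native and WOW6432Node views).
UNINSTALL_RE = re.compile(r"\\currentversion\\uninstall\\([^\\]+)", re.IGNORECASE)


def parse_line(line):
    """Split one constructed log line into (pid, process, operation, path)."""
    pid, process, op, path = line.split("|", 3)
    return int(pid), process, op, path


def classify(op, path):
    """Return a tag for a single file access, or None when it is uninteresting."""
    p = path.lower()
    name = p.rsplit("\\", 1)[-1]
    if op == "CreateFile" and name in BROWSER_STORES:
        return "browser_data"
    if op == "CreateFile" and any(marker in p for marker in WALLET_MARKERS):
        return "crypto_wallet"
    return None


def analyze(log_text, uninstall_threshold=3):
    """Aggregate per process. Software enumeration is flagged only when a process
    touches at least `uninstall_threshold` distinct Uninstall subkeys, so a single
    lookup by a legitimate process does not trip the rule."""
    findings = defaultdict(set)
    names = {}
    uninstall_subkeys = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        pid, process, op, path = parse_line(line)
        names[pid] = process
        tag = classify(op, path)
        if tag:
            findings[pid].add(tag)
        if op.startswith("Reg"):
            m = UNINSTALL_RE.search(path)
            if m:
                uninstall_subkeys[pid].add(m.group(1).lower())
    for pid, keys in uninstall_subkeys.items():
        if len(keys) >= uninstall_threshold:
            findings[pid].add("software_enumeration")
    return {pid: (names[pid], sorted(tags)) for pid, tags in findings.items()}


if __name__ == "__main__":
    for pid, (process, tags) in analyze(SAMPLE_LOG).items():
        print(f"{process} (pid {pid}): {', '.join(tags)}")
```

On the constructed log only pid 624 is reported, with all three tags; explorer.exe opens one Uninstall subkey and an ordinary document and stays silent. The file-name lists are a starting point, not an exhaustive catalogue of browser or wallet storage, and the rule deliberately ignores which user's profile is touched.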
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
memory/624-54-0x0000000000340000-0x00000000003FC000-memory.dmp  Filesize: 752KB
memory/624-55-0x0000000001F90000-0x0000000002093000-memory.dmp  Filesize: 1.0MB
memory/624-56-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
memory/624-59-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
memory/624-61-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
memory/624-63-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
memory/624-66-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
memory/624-68-0x0000000000400000-0x0000000000556000-memory.dmp  Filesize: 1.3MB
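The dump names above encode the process id, a capture sequence number and the address range of the dumped region, so they can be turned into structured records without opening the dumps. The script below is an added example written for this page, not tooling from the sandbox vendor: it parses the names in the form memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp (the form observed in this listing; assumed to be fixed), checks the reported size against end minus start with a tolerance for the report's one-decimal rounding, and counts how often each region was captured. The eight names and their sizes are embedded as a dict copied from this report so it runs offline.

```python
"""Parse sandbox memory-dump names into records and sanity-check the listed sizes.
Added example for this page; not the sandbox's own code."""
import re
from collections import Counter
from dataclasses import dataclass

# Names and reported sizes copied from the Downloads section of this report.
REPORT_DUMPS = {
    "memory/624-54-0x0000000000340000-0x00000000003FC000-memory.dmp": "752KB",
    "memory/624-55-0x0000000001F90000-0x0000000002093000-memory.dmp": "1.0MB",
    "memory/624-56-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
    "memory/624-59-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
    "memory/624-61-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
    "memory/624-63-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
    "memory/624-66-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
    "memory/624-68-0x0000000000400000-0x0000000000556000-memory.dmp": "1.3MB",
}

# Assumed naming scheme: memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(r"^memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}


@dataclass(frozen=True)
class Dump:
    pid: int
    seq: int
    start: int
    end: int

    @property
    def size(self) -> int:
        """Byte length implied by the address range in the name."""
        return self.end - self.start


def parse_dump_name(name: str) -> Dump:
    """Parse one dump file name; reject names that do not follow the scheme
    or whose range is empty/inverted."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    pid, seq, start, end = m.groups()
    dump = Dump(int(pid), int(seq), int(start, 16), int(end, 16))
    if dump.end <= dump.start:
        raise ValueError(f"empty or inverted range in {name}")
    return dump


def parse_reported_size(text: str) -> float:
    """Convert a human-readable size such as '752KB' or '1.3MB' to bytes (binary units)."""
    m = re.fullmatch(r"([0-9]+(?:\.[0-9]+)?)\s*(B|KB|MB|GB)", text.strip(), re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised size: {text}")
    number, unit = m.groups()
    return float(number) * UNITS[unit.upper()]


def size_matches(dump: Dump, reported: str, tolerance: float = 0.05) -> bool:
    """The report rounds to one decimal, so compare with a small relative tolerance."""
    expected = parse_reported_size(reported)
    return abs(dump.size - expected) <= tolerance * expected


def summarize(dumps):
    """Return (start, end, capture_count) per region, most-captured region first."""
    counts = Counter((d.start, d.end) for d in dumps)
    return sorted(((s, e, n) for (s, e), n in counts.items()), key=lambda t: (-t[2], t[0]))


if __name__ == "__main__":
    parsed = {name: parse_dump_name(name) for name in REPORT_DUMPS}
    for name, dump in parsed.items():
        ok = "ok" if size_matches(dump, REPORT_DUMPS[name]) else "MISMATCH"
        print(f"pid {dump.pid} seq {dump.seq:>3} {dump.start:#010x}-{dump.end:#010x} "
              f"{dump.size} bytes vs {REPORT_DUMPS[name]} [{ok}]")
    for start, end, count in summarize(parsed.values()):
        print(f"{start:#010x}-{end:#010x} captured {count}x")
```

All eight listed sizes agree with their address ranges. The region 0x400000-0x556000 was captured six times (sequence 56 through 68) and is about 1.3 MB, larger than the 855 KB file on disk; what that means is not stated on the page, and the natural next step for an analyst is to hash and diff those six dumps to see whether the region's contents changed between captures.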