Analysis
-
max time kernel
92s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
30/04/2023, 22:44
Static task
static1
Behavioral task
behavioral1
Sample
0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7.exe
Resource
win7-20230220-en
General
-
Target
0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7.exe
-
Size
347KB
-
MD5
3d8355387b7305937c7ab0fae40f88f0
-
SHA1
d960387d8ba7646603d1fde26754e6ecbbd7607a
-
SHA256
0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7
-
SHA512
a9b58c7343bc31627fb15a936477c47a62e95b6aeb5b7209dae34c29a50eb43578de625a14b5545b7eb8b15bc7ea3a33e35b38285314c6612a816e02cb6d23ac
-
SSDEEP
3072:Klla9+yI3TPHKD93XipyCWXmauX5IjPVSmt9fBHeylilSDcTif1Zl+DNwoqLT4Bt:KfrKD93XwVVwV7gBlSDgif1aDsmb9EB
Malware Config
Signatures
-
Reads user/profile data of local email clients 2 TTPs
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.