Analysis
-
max time kernel
30s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
19-05-2023 07:45
General
-
Target
bebra.exe
-
Size
13.9MB
-
MD5
860b62717585f269d249ef628b7681de
-
SHA1
b429de97c3717ff84e86bb501741c6b49a02dd51
-
SHA256
9b4e2523db1dda989afb99ec80d452f4745c53246bad523763098af883d205de
-
SHA512
70238c7267087d42070538ef4226bad5786c7c7501d7e75d90eed3687ab9773b7a1652d6fa24d767bcca3942a9047889081307dc3bb27ee818ce5ccc5e8eca25
-
SSDEEP
49152:wHT3h/SSPYYM/cKorb/T/vO90d7HjmAFd4A64nsfJMnFcGSx1wA002rY9qVSS+b2:Ae0STtDSpSksxilEKkxEp/4/gOAgBvU
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bebra.exe"C:\Users\Admin\AppData\Local\Temp\bebra.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /C choice /C Y /N /D Y /T 0 &Del C:\Users\Admin\AppData\Local\Temp\bebra.exe2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\choice.exechoice /C Y /N /D Y /T 03⤵
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14.3MB