Analysis
-
max time kernel
27s -
max time network
31s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
16/06/2023, 06:49
General
-
Target
bebra.exe
-
Size
13.9MB
-
MD5
111cb53077982c5663366b1444d8cd1b
-
SHA1
e488375512598815d999c1b1c262342c0140298b
-
SHA256
621073c2fd07300a3d202b5801f3c17869f0aa73718033492ac986aafd9a897a
-
SHA512
e3ef7acdeaf456aa6944d79bdfdb5401a85160cf563324e94a8eb6648bb3ed42f70eeb6581ff3e848e45a48f9c7201f26ad7a4a4d9a1f90b8de2bcf578389e9b
-
SSDEEP
98304:TClrUORb2nth32ic3gefxEu/4/dd+oy+0Zg:TgoOt2nGxgeaf/dh
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bebra.exe"C:\Users\Admin\AppData\Local\Temp\bebra.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /C choice /C Y /N /D Y /T 0 &Del C:\Users\Admin\AppData\Local\Temp\bebra.exe2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\choice.exechoice /C Y /N /D Y /T 03⤵
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14.3MB