31fcc1a7c79fa0e760d81e479154824551be394658821275380c9fc45343ae22 | Triage

Analysis

max time kernel
21s
max time network
18s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
13-08-2023 18:33

Sharing

Report Analysis Logs

General

Target

bin2.exe
Size

565KB
MD5

66a777ef1448979e315f5be959a20a67
SHA1

d1b4fb00df2f5d48498a6001007ebf5f91841394
SHA256

eec2437b0d9853f2416a800826692e9d74d052ba346465b0541a563c7adb8082
SHA512

9adc10f59f6527da9c4ef015827305e0490b3ff0d261ed0c0e029209c28e00f21321552292004e295857e1ac5a511130e9572b84c7a1f85034ef0dde9386f723
SSDEEP

12288:2JdJIY6hz+4ewbrOiroANc1nRDWVSpR8dIC/TSTA6YIild+2+XbivoqSlxVJb2:s/Ifz5eavrouynRDWkpOdIC/TSc6YtlV

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
spyware

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\bin2.exe
"C:\Users\Admin\AppData\Local\Temp\bin2.exe"
1⤵
PID:2504

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\pts2W6U4Q1Q9X\General\forms.txt
Filesize
11B

MD5
fbf2b0ea6fdc6fe3148bd600729d5fac

SHA1
2c0aad6ae361763eddc2668a9493f434d6a972bd

SHA256
c794c993f1d9125029477df973401ae082c56b53f1d7e461258537aa7efc5797

SHA512
29547388d261c54a031e97f0beeaf3bba67949a4a178ab5df39091d7e8e8a66415bc1f9dabd518eb7ceb7c01868b124575c7a16e41ed4e180a9df872847e57fb

Download Submit