872598c7cca00002a0755def456b26ab95ab4d53b062c1a8a34634bdf5ecb8cc | Triage

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
28/08/2023, 10:17

Sharing

Report Analysis Logs

General

Target

Device/HarddiskVolume5/Users/MHassan/AppData/Roaming/ypsx_cloud_v2/wdcloud_v2.exe
Size

4.7MB
MD5

c84930bc2df64e1d5224c801e4c1a4a9
SHA1

edd4df978c9637ea23ab173820cb9f6710470f45
SHA256

54dd4efe8dd16699cdcf2d718a63172e75dfe46064688536a19604d1c94d5574
SHA512

2c0b4cbd56ed86ac3c872c39b2f4364ee8e9ff8dff96f465bd9a2d4f115812f5002ca6f6934bac70108d8ccff05a3d9af75b57d61e9b0b20cf6028139090be40
SSDEEP

49152:/WoEDzMlzhCARwxy2JY3KL/9qB9VdmoQt+CY9NZ9s4/28zc1TQwv0Hqg0XK/a/:yxnLlo97P/1K1XK/a

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume5\Users\MHassan\AppData\Roaming\ypsx_cloud_v2\wdcloud_v2.exe
"C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume5\Users\MHassan\AppData\Roaming\ypsx_cloud_v2\wdcloud_v2.exe"
1⤵
PID:1908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\SNPX_Data\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit