67f1c0de4d8f25c0092d24f538d11c3a6ddeb4dd28348fdbc1f96394f94258d9 | Triage

Submit
Reports

Overview

overview

Static

static

18ec8f5f89...0b.exe

windows7-x64

7

18ec8f5f89...0b.exe

windows10-2004-x64

7

Analysis

max time kernel
147s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 08:54

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b.exe

Resource

win7-20230831-en

spyware stealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b.exe

Resource

win10v2004-20230915-en

spyware stealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b.exe
Size

29KB
MD5

5aa50bc32147062229a7ac6f60e15523
SHA1

b4c210df01cc8a3812a25407001ac7caa9391357
SHA256

18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b
SHA512

2be12b7640c7abc9132b0beeb1110305fa359023021d2bf9c9b6f4428981688e981d1cb25d9314b1b538e2ca867e940ccb611d71b5dd079c036a312ea2aebaa2
SSDEEP

384:n3NudP6s4SEms0F10yEVlOtxtx9gN8cJkgQXkxbc+urVbgOROp/adpZpTJHabHhT:n8UtP704OJnVkxbcTrVsOO/iBC+q

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Processes

C:\Users\Admin\AppData\Local\Temp\18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b.exe
"C:\Users\Admin\AppData\Local\Temp\18ec8f5f89a9410037c153399cc7e6dd49d438803f7747c201bab7d6c548f10b.exe"
1⤵
PID:4140

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4140-0-0x0000000002B20000-0x0000000002B21000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy