Analysis
-
max time kernel
155s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
01/02/2024, 07:49
General
-
Target
86552866d14bb032a92d3d80b7b31929.exe
-
Size
878KB
-
MD5
86552866d14bb032a92d3d80b7b31929
-
SHA1
66b9006323c3ada3851468bace5c1e0df7dc0b31
-
SHA256
ae7dbd2586471669127e85f994e87b628876aac2b5f7a33738c82dc7cd4fb8b1
-
SHA512
27c2eab6cdeb98e314e00a5e4216c1da010f9f2692153b662a04a224c937867ee1150f0ee4b3cbc3f8be313546923020970101b84ed6a6ba5b6829aafda23a27
-
SSDEEP
24576:e3pRurPdW79gz4ptp/zLzuBDWTS3pTik2q:e3pRWy3pPzmhZTik2
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Suspicious use of NtSetInformationThreadHideFromDebugger 14 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\86552866d14bb032a92d3d80b7b31929.exe"C:\Users\Admin\AppData\Local\Temp\86552866d14bb032a92d3d80b7b31929.exe"1⤵
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6KB
MD5439ce91350c31426577c56e0644e99ec
SHA19626d8f03c8913ae25e7a6cd8df614550444d98f
SHA25648c22daf9bd8bc0f5acb5799832e30b18036754a92d2159388725e6602fe8e81
SHA512db8efe35bae184c4dac417686a87d64c9345e0377fb8f8a873fd4902b9ab4d03c0746210a4587765c570e757510d40361bfd778f85c0267aa99ea41b887e2ab9
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4KB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4KB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB
-
Filesize
4.2MB