25e20d534b29d58a312a17768f3ac46390155f643ea5d6dc3e6e3e52e9b97223 | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
02/02/2024, 04:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8892d9d704ab8aabafdc56ef1422b551.exe
Size

4.4MB
MD5

8892d9d704ab8aabafdc56ef1422b551
SHA1

99ce6d309265fca86d803791b219563133ddd9d8
SHA256

25e20d534b29d58a312a17768f3ac46390155f643ea5d6dc3e6e3e52e9b97223
SHA512

7a913d60f1d0c8ff1e80fb3ec4e7a7bda29e5c21bcda5cd9b2677c77b0ac4f135aade61ec03b534379e4f3e83930973ee8a1d12e0be84dd6596a3cd40d8456c4
SSDEEP

49152:20G4tMEJDX0zerj4YVrG32nFi2KTvh9VJ9wIhKWazIsCX0:XeGjtrdEvVJuIjazn

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\8892d9d704ab8aabafdc56ef1422b551.exe
"C:\Users\Admin\AppData\Local\Temp\8892d9d704ab8aabafdc56ef1422b551.exe"
1⤵
PID:2756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads