Analysis
-
max time kernel
141s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
03/02/2024, 01:01
General
-
Target
c5997e44167a6f93cbbf9d908ef9726e8a91eca39a37596cbb584ba163449ce1.exe
-
Size
447KB
-
MD5
0b50b4b929f606927f37f664fec47083
-
SHA1
14547188894efa219fc7acdd5ddf873995911b14
-
SHA256
c5997e44167a6f93cbbf9d908ef9726e8a91eca39a37596cbb584ba163449ce1
-
SHA512
2e7a0d25d0d8227317845418f8ddf8d82702cbeac65104c5704d931bd21f5e80899a50a144e3742057a65476863b2473e738540c6cad1a5b14f2531250865923
-
SSDEEP
12288:M7lKOzbIa9EW2ikdjJtZMU8ZFtPh61rrOrrp9N:M7lZzMaeW2ikddtZMU8ZR6
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 34 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c5997e44167a6f93cbbf9d908ef9726e8a91eca39a37596cbb584ba163449ce1.exe"C:\Users\Admin\AppData\Local\Temp\c5997e44167a6f93cbbf9d908ef9726e8a91eca39a37596cbb584ba163449ce1.exe"1⤵
- Suspicious behavior: EnumeratesProcesses