Overview

overview

10

Static

static

10

54bb4aad5f...75.exe

windows7-x64

9

54bb4aad5f...75.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    142s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-02-2024 03:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    54bb4aad5fef1e32777c2165a0ca9a7920d9029b7fbbe3886e06932a8db21675.exe

  • Size

    399KB

  • MD5

    45fd9224d365376207bc0d6a562cf39e

  • SHA1

    4454eb8eed1b6a0c15873b60bbf8dd09dcb10e6c

  • SHA256

    54bb4aad5fef1e32777c2165a0ca9a7920d9029b7fbbe3886e06932a8db21675

  • SHA512

    a4f9616285249f821714ac40b6188400624922384aee990535ee29b9ed61ffef67ddc5533f6c4a10cc76fdcac790b5bc613638ba5f3a479e108cbe46982ee683

  • SSDEEP

    6144:wjfeAkLUmv95G6HzHtZmIYEaWBx36V0JQQQma6QszRUQzUKyerReCVrK/EtbSbI+:wjfnkjv26TNZmFq36+xa6QS1tR8Iyn2

Score
9/10

Malware Config

Signatures

  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects executables containing SQL queries to confidential data stores. Observed in infostealers 1 IoCs
  • Detects executables manipulated with Fody 1 IoCs
  • Detects executables referencing Windows vault credential objects. Observed in infostealers 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\54bb4aad5fef1e32777c2165a0ca9a7920d9029b7fbbe3886e06932a8db21675.exe
    "C:\Users\Admin\AppData\Local\Temp\54bb4aad5fef1e32777c2165a0ca9a7920d9029b7fbbe3886e06932a8db21675.exe"
    1⤵
      PID:1264

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1264-0-0x0000000000930000-0x000000000099A000-memory.dmp

      Filesize

      424KB

      Download

    • memory/1264-2-0x00007FFF897E0000-0x00007FFF8A2A1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/1264-3-0x00007FFF897E0000-0x00007FFF8A2A1000-memory.dmp

      Filesize

      10.8MB

      Download