a1ae79bad0146e01f073d1adfe009abc8125d4b8a0e20ea54a1184e130007941 | Triage

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/02/2024, 06:22

Sharing

Report Analysis Logs

General

Target

98b407c7d6be359c9ea35cbb6f3f49d8.exe
Size

4.3MB
MD5

98b407c7d6be359c9ea35cbb6f3f49d8
SHA1

756dae3beb91c4d0c6aad2d396c2f857dfbc1c3c
SHA256

a1ae79bad0146e01f073d1adfe009abc8125d4b8a0e20ea54a1184e130007941
SHA512

bff03a42f372706a289563535124fd55df1fecf8d4fba2f9bfaf0c9ce31ff02b97aefb4349fa6b08bc084b1d62c57a7a3efb4cfa53b3653e41f63ab5ed22843e
SSDEEP

49152:uUi3VpFcn89NTR93qzd6UfO38fWAtPvu3thZIQPE:8X8O8PvC7E

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\98b407c7d6be359c9ea35cbb6f3f49d8.exe
"C:\Users\Admin\AppData\Local\Temp\98b407c7d6be359c9ea35cbb6f3f49d8.exe"
1⤵
PID:2280

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads