ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
06/03/2024, 14:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e.exe
Size

48KB
MD5

619fd16ff41c81f128d4eeeac5e92635
SHA1

25271bd5d52e5a3d1c1415b120bb950aa80214db
SHA256

ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e
SHA512

109c4f05d8a10641fd3a96cdbe2d0811993ef352ffe7db6d56f2047ef279fb4a91cd65026cb367dddec35bff1181f3e88abc023b2d4fe9636a9db3edd9a93501
SSDEEP

384:Yphk1qGvq/a/ryIstUT4FPwk5wAjFwyXILah1/VBjzYwXfA/ae/n:Yc1qGAWrGOkFTxKe/VBjzYUqxP

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3132	ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e.exe

C:\Users\Admin\AppData\Local\Temp\ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e.exe
"C:\Users\Admin\AppData\Local\Temp\ced464a0fe829c716abd9ed32a036290703881dcc41d4c961c36a2e1eebd672e.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3132

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads