Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
11/03/2024, 02:50
General
-
Target
bfa5b8f859b7c3f38da7600081ff98fe.exe
-
Size
360KB
-
MD5
bfa5b8f859b7c3f38da7600081ff98fe
-
SHA1
d4280e68f994a6c90ca2582f932a2a4b4c0d4151
-
SHA256
7362f9dc674c6a4da4e5f8972ec3d5958e655cae06e768bdaaed3b928c1b3fcb
-
SHA512
f58642c2b3e5c021da1c59a7dc1d5f164e4af6003ecdca09b1f0dccbac163d67ce8ee7e38d7d901d3348d93c8d98ae9740182c774d7afd3a80a32d0d34a29f49
-
SSDEEP
6144:50PEtTPkAuAfjlJuj3QjgJ6snJZ/RjY07qVyLOyFTzVxh3VAitO8yb8D/3/sTJ:50m3blK36QhuIOyFHxlAaO8ye3/
Score
7/10
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Processes
-
C:\Users\Admin\AppData\Local\Temp\bfa5b8f859b7c3f38da7600081ff98fe.exe"C:\Users\Admin\AppData\Local\Temp\bfa5b8f859b7c3f38da7600081ff98fe.exe"1⤵