0a9c90b8c46c6d38d48f838df56530f0b3558e5415212abc0278c08b882c301e | Triage

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
12/03/2024, 11:40

Sharing

Report Analysis Logs

General

Target

main.exe
Size

25.6MB
MD5

3de5d4da1d860de2389a63757df5aef6
SHA1

0e1453bf09d623338db66a93b63f3cd09368ce39
SHA256

0a9c90b8c46c6d38d48f838df56530f0b3558e5415212abc0278c08b882c301e
SHA512

e234da489cbbaa8c080e85aa0fa0d90cd288f33061dad133e7b63a4602881526ba0243c5d246c1f9a19590d456fbdf305890bb18a89976e722e1ce8b3c32a7ed
SSDEEP

393216:catbmIvunTpIMdLCtWp5NJriYN9cXWo6UXE4Vv6MMDJbeWJyI+67bsQuIhf:Xb+uy

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\main.exe
"C:\Users\Admin\AppData\Local\Temp\main.exe"
1⤵
PID:1880

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1880-0-0x000000013F360000-0x0000000140CA4000-memory.dmp

Filesize
25.3MB

Download