f84814c8c604dcea998f1ea8ac3c87735f441b2905de304ed95b9f191760b43e | Triage

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
14/03/2024, 04:07

Sharing

Report Analysis Logs

General

Target

15bbb2b1116cbb397e608a914c7cc8249f1bdae84bfc25c871928b79599410e0.exe
Size

25.6MB
MD5

ce138653424ebdf94bea7738587a95ff
SHA1

7bcebcf41143e40386e7e67069a24f035cf911a2
SHA256

15bbb2b1116cbb397e608a914c7cc8249f1bdae84bfc25c871928b79599410e0
SHA512

773202ee9fdb7cc4a6357781516197410d93f70a85239fee5b9b1a74b7b39a67b409f0dc82b0c4ed9e2c12b5c575bb3055889be8916c4c84e00fa4e3bfc8bb7e
SSDEEP

393216:VWUXIVvunTpIMdL2tWG5NJDKYN9EX0oCUXk4VN6MMDJbeWJvIEZoY/NRCkvAwokw:bXKA/kDs

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\15bbb2b1116cbb397e608a914c7cc8249f1bdae84bfc25c871928b79599410e0.exe
"C:\Users\Admin\AppData\Local\Temp\15bbb2b1116cbb397e608a914c7cc8249f1bdae84bfc25c871928b79599410e0.exe"
1⤵
PID:2344

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2344-0-0x000000013F360000-0x0000000140CA4000-memory.dmp

Filesize
25.3MB

Download