4be5926e05095a40f520ee2b7cf9c1eb8c608570869a3ffbc01feddcf9e6a1d1 | Triage

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20-03-2024 02:12

Sharing

Report Analysis Logs

General

Target

4be5926e05095a40f520ee2b7cf9c1eb8c608570869a3ffbc01feddcf9e6a1d1.exe
Size

40KB
MD5

fdb249e9f54dc03c7ac1a4513d6ee233
SHA1

f6579422ef9da63a652ec8a7a029e152aa000915
SHA256

4be5926e05095a40f520ee2b7cf9c1eb8c608570869a3ffbc01feddcf9e6a1d1
SHA512

8950c191b9fe5063106fe5e3baa06e553a73d7b8547f815e934d4ea5f6bb64389fb17dfe700ef8b6c34f04b966c6fd50d4666ca483ca2d93e93e899ee1ed368f
SSDEEP

768:M4aqgcRPCOZuQISosPyehgl4TdTLs1PBbAcLr2BXxjV1VaXLkjO:KaIP4TdTLs1PBbAc/+BjP0l

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\4be5926e05095a40f520ee2b7cf9c1eb8c608570869a3ffbc01feddcf9e6a1d1.exe
"C:\Users\Admin\AppData\Local\Temp\4be5926e05095a40f520ee2b7cf9c1eb8c608570869a3ffbc01feddcf9e6a1d1.exe"
1⤵
PID:2208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2208-0-0x0000000000810000-0x000000000081E000-memory.dmp

Filesize
56KB

Download
memory/2208-2-0x0000000074660000-0x0000000074D4E000-memory.dmp

Filesize
6.9MB

Download
memory/2208-9-0x0000000074660000-0x0000000074D4E000-memory.dmp

Filesize
6.9MB

Download