Analysis
max time kernel
135s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted
23-05-2024 04:34
Behavioral task
behavioral1
Sample
413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6.exe
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
General
Target
413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6.exe
Size
9.0MB
MD5
d796dca47874d2848f19ba80859a1dbb
SHA1
7a6def1eab1a93ef93a4182f22c0a7eedb2f0314
SHA256
413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6
SHA512
506c6d3e41bc5e212068383ff790bc4a871af36008d47c956528e5901e85a5df21002cdb665f967f6f5b690dc961ac7d65a11b61a8527a98b025507c3dfd1734
SSDEEP
196608:nVJcDKlFBqkwDxURK8vyqByLdlf3hRQIgLKN:VODKlFBqHayOclfhRQIG2
Malware Config
Signatures
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6.exe
pid process
2500 413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6.exe
2500 413ca8a2b0be9632c2f626f9e8b630e3985adf011102e563462fc9d092f18ef6.exe