Overview

overview

10

Static

static

10

e98abb4c08...8c.exe

windows7-x64

7

e98abb4c08...8c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-05-2024 11:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e98abb4c08856f031de8b2b190d643a180bbe0b3367afece69a5b9caedf4368c.exe

  • Size

    9.0MB

  • MD5

    ad456e5ea5dafc74dcf8ffe31f70cb0f

  • SHA1

    e609a4e0dd8f944ebf04558c9312ede10c106282

  • SHA256

    e98abb4c08856f031de8b2b190d643a180bbe0b3367afece69a5b9caedf4368c

  • SHA512

    c2af6688b0f4924b86da3d69830a50e9e09cab4b1c0aecf395ab86b2e0b319480c05dc6d5779438c93463c4d08751e81853e45ac6fe0c82fd429f5c41f0ad96c

  • SSDEEP

    196608:n2JcDKlFBqZcPzFwDxURK8vyqByLdlf3hRQIgLKN:2ODKlFBqauayOclfhRQIG2

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e98abb4c08856f031de8b2b190d643a180bbe0b3367afece69a5b9caedf4368c.exe
    "C:\Users\Admin\AppData\Local\Temp\e98abb4c08856f031de8b2b190d643a180bbe0b3367afece69a5b9caedf4368c.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2820

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads