d084556cf82bbf389f6d507c65a4cdb13a4bb9f9cb5b0095ab20221e7ab5f0dc | Triage

Analysis

max time kernel
1s
max time network
7s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
29-05-2024 08:29

Sharing

Report Analysis Logs

General

Target

netversion.exe
Size

2.7MB
MD5

895d3aae07a7c5f0e2672d1467133300
SHA1

7b97cd02372984e86f9d9cfe0a20531b49dff2c5
SHA256

d084556cf82bbf389f6d507c65a4cdb13a4bb9f9cb5b0095ab20221e7ab5f0dc
SHA512

e60af38acacb195ed42cf1aa9db2ed91da0e47e0bce8e45eaa9f198c99ff05de8f06103dfcded22a6bea3386a32aae741ed6666cb373fce749825519bc2c6e93
SSDEEP

49152:cPl+E6PooSlY9Cy1jIggUnkTzHpEyITBKPS2lUu4pgxRswW:8Wo7e9Cy1jsz962lJxRs

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\netversion.exe
"C:\Users\Admin\AppData\Local\Temp\netversion.exe"
1⤵
PID:2188

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads