Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
04-07-2024 20:01
General
-
Target
East-Tec.All.Products.Universal.Keygen.v1.0.WinALL.Keygen.Only-BRD.exe
-
Size
350KB
-
MD5
4b1ee35a02a9bff963c25c529ae73528
-
SHA1
b0aaa433d92cdc00db307dc2ec37d626935de4b1
-
SHA256
8d740e12b3a15091d74aa3e3c4e1221fbfe1fcfb43d49b2afece2a09a700b1b8
-
SHA512
41c8fecaee1c25552354e8b12e5f8ddae397063fa4d9507ceb4708b1988bd56ccfb952f17f01063357592f7fb13ad6b41a44904d1b8c7068191d9a8faa698d12
-
SSDEEP
1536:0z3HBexMQT+2umeWO2+FPx/lXYVAG8Zs7kfl/ig8OQ:ZxMQeXYVQsel/iwQ
Score
7/10
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\East-Tec.All.Products.Universal.Keygen.v1.0.WinALL.Keygen.Only-BRD.exe"C:\Users\Admin\AppData\Local\Temp\East-Tec.All.Products.Universal.Keygen.v1.0.WinALL.Keygen.Only-BRD.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx