Analysis

  • max time kernel
    19s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    03-09-2024 05:50

General

  • Target

    a9e3d37820514d8f48f1573a02bca90c4d369327863c23a9248ad22e207fcfba.exe

  • Size

    9.1MB

  • MD5

    5b92096defc532d1e6527d062c9856f5

  • SHA1

    74edda1adbdeb5d81a41b0149b60dd9a6ffc1f3f

  • SHA256

    a9e3d37820514d8f48f1573a02bca90c4d369327863c23a9248ad22e207fcfba

  • SHA512

    0a8726a5e437dfb57e81699d25e9ceea797e105a9a950436c88f55f167be26cf794f4ba52a66c36e29c38f94febfcf8f9d5027a504b81c84f99fcab86a9b39c6

  • SSDEEP

    196608:N3JcDKlFBqm3jGVARK8OSqY4i5KPa/hdHDRQIgLKN:tODKlFBq69qs5x/jHDRQIG2

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a9e3d37820514d8f48f1573a02bca90c4d369327863c23a9248ad22e207fcfba.exe
    "C:\Users\Admin\AppData\Local\Temp\a9e3d37820514d8f48f1573a02bca90c4d369327863c23a9248ad22e207fcfba.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1292

Network

MITRE ATT&CK Enterprise v15
