Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
09/09/2024, 00:52
General
-
Target
9b081ca2d6a10d5681dff9972e77ad4b6669dbd8321da13b362fa73e6d1aaa2d.exe
-
Size
344KB
-
MD5
d2ce1d3196c0f19ffd9a6b7166c11736
-
SHA1
3b3ab24a1bffb9081ced30f9b60ad9ae2cdc14c2
-
SHA256
9b081ca2d6a10d5681dff9972e77ad4b6669dbd8321da13b362fa73e6d1aaa2d
-
SHA512
03edc5d8f961b6f799a8b678c685879352bd5b9f5cdc6426d6f4694eb054aadabea7bb2fe9fd648bfeefd6f6bc0e16b7157bf5188bbabf27dc258249915da59a
-
SSDEEP
6144:A/T3zd9AVAixibDqwbKhqjX9kjeKHYFqoECLrLnZF7tGUP+BgkTbXD/3/:A/XM4DShe9EcHPLrLZ5AICgkTP3/
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files 1 TTPs
Steal credentials from unsecured files.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\9b081ca2d6a10d5681dff9972e77ad4b6669dbd8321da13b362fa73e6d1aaa2d.exe"C:\Users\Admin\AppData\Local\Temp\9b081ca2d6a10d5681dff9972e77ad4b6669dbd8321da13b362fa73e6d1aaa2d.exe"1⤵
- System Location Discovery: System Language Discovery