hackbrowserdata | eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72

Analysis

max time kernel
118s
max time network
124s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
24/09/2024, 18:59

Target

eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe
Size

8.5MB
MD5

8d53eb752c4c26795c3cc334c9a64611
SHA1

f1a3d4a4a1110d616ad82bdb64d98b011adc00c7
SHA256

eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72
SHA512

f501f8eee32ec863aa061be6fe07e382e38adeaa20b110792310f457af4591dec289145a7f10b6aa5023d5143e773312c5c5a4c078286d8604feb689db288e99
SSDEEP

196608:qa+ZIGwdfbWgPfZ0nwsiBOCaepkvxEcBqc2xHFJLc04ylx40tk:mZIGwdfjhTsigHvxE9c2xH/crylx402

Score

10^/10

An open source browser data exporter written in golang. 6 IoCs

resource	yara_rule
behavioral1/memory/572-6-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata
behavioral1/memory/572-2-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata
behavioral1/memory/572-3-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata
behavioral1/memory/572-9-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata
behavioral1/memory/572-4-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata
behavioral1/memory/572-5-0x0000000000B20000-0x000000000284E000-memory.dmp	family_hackbrowserdata

HackBrowserData
An open source golang web browser extractor.
infostealer hackbrowserdata

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
572	eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe
572	eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe

C:\Users\Admin\AppData\Local\Temp\eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe
"C:\Users\Admin\AppData\Local\Temp\eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:572

memory/572-0-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-1-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/572-8-0x0000000076FA0000-0x0000000077149000-memory.dmp

Filesize
1.7MB

Download
memory/572-7-0x0000000076FF1000-0x0000000076FF2000-memory.dmp

Filesize
4KB

Download
memory/572-6-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-10-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/572-2-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-3-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-9-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-4-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download
memory/572-5-0x0000000000B20000-0x000000000284E000-memory.dmp

Filesize
29.2MB

Download