hackbrowserdata | 2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3

Analysis

max time kernel
11s
max time network
19s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
08-10-2024 08:22

Target

2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3.exe
Size

11.9MB
MD5

51ee7c8663cd612fb83b3b6e35ff8277
SHA1

56bc5a66bbf1f4ba483b3e8c7b28c3dc48a642a0
SHA256

2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3
SHA512

e749714d4a5246dc77ebd0e8189bac5c8915687c0bba8fa827cd6c91d5027e0df43034554c5e9f85bf2bf9bc7d700c9c884533d1df8e0a0dba3dc6ec5665f53d
SSDEEP

196608:vSB2RFhgKUkVtFpNAMNwJGOV7JFI1xIgEcCrWpUhUsYbypZhQIY3lB6:vY2VTyMNmGO3FMxNCrWpRMZM1B

Score

10^/10

An open source browser data exporter written in golang. 6 IoCs

resource	yara_rule
behavioral1/memory/2980-4-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata
behavioral1/memory/2980-8-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata
behavioral1/memory/2980-2-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata
behavioral1/memory/2980-3-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata
behavioral1/memory/2980-6-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata
behavioral1/memory/2980-5-0x00000000003D0000-0x0000000002922000-memory.dmp	family_hackbrowserdata

HackBrowserData
An open source golang web browser extractor.
infostealer hackbrowserdata

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
2980	2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3.exe

C:\Users\Admin\AppData\Local\Temp\2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3.exe
"C:\Users\Admin\AppData\Local\Temp\2aef4cdf8846df0a35071e56e41c732b6259fbd2af6a288f81c9ce0fc1e7bcc3.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:2980

memory/2980-0-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-1-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/2980-7-0x00000000774F0000-0x0000000077500000-memory.dmp

Filesize
64KB

Download
memory/2980-4-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-9-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/2980-8-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-2-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-3-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-6-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download
memory/2980-5-0x00000000003D0000-0x0000000002922000-memory.dmp

Filesize
37.3MB

Download