Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/11/2024, 22:02

General

  • Target

    424cce0ed667aff2ade14ed386884188c4f14fecaf5b810d313407dbcb0953b7.exe

  • Size

    92KB

  • MD5

    635066b619008b0d673ca5c780db3764

  • SHA1

    a8c8c6b82d4f6bdd30451de7e129750678f131a1

  • SHA256

    424cce0ed667aff2ade14ed386884188c4f14fecaf5b810d313407dbcb0953b7

  • SHA512

    0d49a299d1a425fbfbc4b8cdbd922692fc6a67fc5c3914f66f814e58c9d9005c90eb0b779ea368df151afc513f8bc5c7631bf5a540b142cbd1134caeaa952704

  • SSDEEP

    1536:DHB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZqTUgatwoHVo:DhAWJGSCTBf12Z1gfoHV

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\424cce0ed667aff2ade14ed386884188c4f14fecaf5b810d313407dbcb0953b7.exe
    "C:\Users\Admin\AppData\Local\Temp\424cce0ed667aff2ade14ed386884188c4f14fecaf5b810d313407dbcb0953b7.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    PID:2508

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads