Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2024 20:06

General

  • Target

    625456f6a8ee60bbf01376499ce024ec82d4ee2a60e297de3c4f5da292e65fef.exe

  • Size

    9.0MB

  • MD5

    d9eb99d9407a5403ab05fe672b4928cf

  • SHA1

    6e126a34e7b90045a0222ee9ecbf72d0024cf2e7

  • SHA256

    625456f6a8ee60bbf01376499ce024ec82d4ee2a60e297de3c4f5da292e65fef

  • SHA512

    7ac174ad9ab0349b9fa6f6ae0beee78886c7ac07a4a10cb0ba1765097c6ccebf2c00b3a74d8fd3fad979d00d38a61a1b507963129fb653fb4074f98d36f50264

  • SSDEEP

    196608:eAJcDKlFBqZcPzFwDxURK8vyqByLdlf3hRQIgLKN:tODKlFBqauayOclfhRQIG2

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\625456f6a8ee60bbf01376499ce024ec82d4ee2a60e297de3c4f5da292e65fef.exe
    "C:\Users\Admin\AppData\Local\Temp\625456f6a8ee60bbf01376499ce024ec82d4ee2a60e297de3c4f5da292e65fef.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads