Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2024 20:07

General

  • Target

    b328fe00549e65602144d160a9256de593d6ff6a338dc3841eaadd0a7f7c16c0.exe

  • Size

    9.0MB

  • MD5

    c08e263dfca802f63c1b3fb14fad3fc4

  • SHA1

    2cccbe9c2a4d247127ace8663d3573d96daa846d

  • SHA256

    b328fe00549e65602144d160a9256de593d6ff6a338dc3841eaadd0a7f7c16c0

  • SHA512

    5b1474f0de8e3da4b3c5d1baa1be73f8e0337d9a0f92ec40f7fbb8c1e32b666ffa391768efec474db41691f8c2471b3a1fbc369edc7df0e33f4e7079949700d4

  • SSDEEP

    196608:j1JcDKlFBqZcPzFwDxURK8vyqByLdlf3hRQIgLKN:5ODKlFBqauayOclfhRQIG2

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b328fe00549e65602144d160a9256de593d6ff6a338dc3841eaadd0a7f7c16c0.exe
    "C:\Users\Admin\AppData\Local\Temp\b328fe00549e65602144d160a9256de593d6ff6a338dc3841eaadd0a7f7c16c0.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2568

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads