Analysis
-
max time kernel
83s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
19/01/2025, 18:54
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe
Resource
win7-20240903-en
4 signatures
120 seconds
General
-
Target
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe
-
Size
1.0MB
-
MD5
dd90c242da414233fcecb5a055b8a440
-
SHA1
0b607944175b1099cf07fad08f7b4e3d8b5a1989
-
SHA256
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8
-
SHA512
644d6a0b6f0f4ac2b5379a1fa734d295d5393f1000ab11bbe7b92852392d0bccbb009c2987f297e1b914d76ab779d7a5f1cbb6f849c972fff1fdbcfb126d956b
-
SSDEEP
24576:sD5EsM8KxD++TI7FnrB6mb1+pn/wWdIfS1wK:sjK5++kxnrB6yWdy+
Malware Config
Signatures
-
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Suspicious behavior: EnumeratesProcesses 3 IoCs
pid Process 2404 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe 2404 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe 2404 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe