Analysis
-
max time kernel
105s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
19/01/2025, 18:54
Static task
static1
Behavioral task
behavioral1
Sample
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe
Resource
win7-20240903-en
General
-
Target
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe
-
Size
1.0MB
-
MD5
dd90c242da414233fcecb5a055b8a440
-
SHA1
0b607944175b1099cf07fad08f7b4e3d8b5a1989
-
SHA256
851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8
-
SHA512
644d6a0b6f0f4ac2b5379a1fa734d295d5393f1000ab11bbe7b92852392d0bccbb009c2987f297e1b914d76ab779d7a5f1cbb6f849c972fff1fdbcfb126d956b
-
SSDEEP
24576:sD5EsM8KxD++TI7FnrB6mb1+pn/wWdIfS1wK:sjK5++kxnrB6yWdy+
Malware Config
Signatures
-
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 4440 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe 4440 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe 4440 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe 4440 851f74479e53dce889aed62388486b3e10d9ab4553d6b3da3f46ea7dc3a159d8.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
128KB
MD5207f9c35684041f7550edda26c201b94
SHA175225b813116acdcde75b7bbd32e2d42ac34129f
SHA256bc254111b0d205d3ef2c2cc91014e06d424ffebbc99076ab076acfc69a4eefb1
SHA5120187a5ef03fedafc217eee9a24b252b0f8b5a77960533a4a1df16152ef34a90ee7e3bd7463c5bd9adcdfc33d4bca1815713a9ee85db6f5f73a484411b69e977b