Analysis
- max time kernel: 105s
- max time network: 135s
- platform: windows10-2004_x64
- resource: win10v2004-20250314-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20250314-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 01/04/2025, 08:39
General
- Target: 2025-04-01_c606daebf8e74fcdf4336e3f1356a562_frostygoop_ghostlocker_hijackloader_luca-stealer_sliver_snatch.exe
- Size: 14.1MB
- MD5: c606daebf8e74fcdf4336e3f1356a562
- SHA1: a6768e347ae10bb84326bd1bf4daaed06b6f607e
- SHA256: 09c054930d20fff35b2a0f5edb4fbcf0d0fdc3cdc37319ef43f45df06c855262
- SHA512: fe5da708d2450463c19a61cb35ad1982bc79bd794a714e6c8faa89e74dc32524f536f11e60475c373f644f7b960950ea55dd70c16adc190daea8fe530ef81d08
- SSDEEP: 196608:8sKMN9UEm0/97EO7Zq7ORCh/mE7J3fNZ25Mt:W4U7+9gT7IChH7lfNZ2Ct
Malware Config
Signatures
- Reads user/profile data of web browsers (3 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
Processes
- C:\Users\Admin\AppData\Local\Temp\2025-04-01_c606daebf8e74fcdf4336e3f1356a562_frostygoop_ghostlocker_hijackloader_luca-stealer_sliver_snatch.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\2025-04-01_c606daebf8e74fcdf4336e3f1356a562_frostygoop_ghostlocker_hijackloader_luca-stealer_sliver_snatch.exe"
  PID: 2848