Resubmissions

19-07-2020 19:03

200719-cs9j3nv856 7

Analysis

  • max time kernel
    147s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    19-07-2020 19:03

General

  • Target

    3b65dbd9b05019aae658c21f7fcb18dd29eea1555cc26c3fa12b9aa74ea55b88.bin.exe

  • Size

    344KB

  • MD5

    edd31ea8252b9105a928419e81bf1049

  • SHA1

    1c1acfee6a97f17f7a1a65fcb7eff654a5ce53f6

  • SHA256

    3b65dbd9b05019aae658c21f7fcb18dd29eea1555cc26c3fa12b9aa74ea55b88

  • SHA512

    52bbf9800d2b99ae2e1a862abebe597a52cf2a0b3c458b34987ffaa38bba0c6b14d125d6172544851f1d04e1dc5028ad8c10de95a73461f9ddbbaec85997a6b7

Score
7/10

Malware Config

Signatures

  • Drops startup file 2 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b65dbd9b05019aae658c21f7fcb18dd29eea1555cc26c3fa12b9aa74ea55b88.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\3b65dbd9b05019aae658c21f7fcb18dd29eea1555cc26c3fa12b9aa74ea55b88.bin.exe"
    • Drops startup file
    PID:1124

Network

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Downloads

  • memory/1124-1-0x0000000000000000-0x0000000000000000-disk.dmp