dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dc68a0a13a...dc.exe

windows7_x64

8

dc68a0a13a...dc.exe

windows10_x64

Sharing

General

Target

dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc.exe
Size

399KB
Sample

200707-zwqp8xblhj
MD5

dc02167cff131c6e6c0a2801f1eb3b0c
SHA1

20d395af135774018632b34dd6987ebfe43db43d
SHA256

dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc
SHA512

438864813274ec6a5a9350391994de17512d957eccd4ffb4d7113e15e69e3c5171d94eb90c0081ac05c1a616ffe53999fd5bc46dda242847b4dcd7eaa1837362

Score

10^/10

discovery spyware

Static task

static1

Behavioral task

behavioral1

Sample

dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc.exe

Resource

win7

discovery spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc.exe

Resource

win10v200430

spyware discovery

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc.exe
- Size
  
  399KB
- MD5
  
  dc02167cff131c6e6c0a2801f1eb3b0c
- SHA1
  
  20d395af135774018632b34dd6987ebfe43db43d
- SHA256
  
  dc68a0a13aa0a1bf5394dd04e59ef2916f0b31a964730a17b0ff4afeac5888dc
- SHA512
  
  438864813274ec6a5a9350391994de17512d957eccd4ffb4d7113e15e69e3c5171d94eb90c0081ac05c1a616ffe53999fd5bc46dda242847b4dcd7eaa1837362
Score

10^/10

discovery spyware
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks for installed software on the system
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Program crash
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Credentials in Files

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspyware

behavioral2

spywarediscovery

© 2018-2025

Terms | Privacy