be90083aacdd2a3bba483b56ae5b3261317add57233873f86f037aeb3428e662 | Triage

Submit
Reports

Overview

overview

8

Static

static

tracker.doc

windows7_x64

8

tracker.doc

windows10_x64

1

Sharing

Copy URL Twitter E-mail

General

Target

tracker.doc
Size

211KB
Sample

200709-2mcg5ntyzs
MD5

9c78815dce144b8ee97f952d3e8c106b
SHA1

2c4b4d224c4577a5c513baaa9318b5b2d962b483
SHA256

be90083aacdd2a3bba483b56ae5b3261317add57233873f86f037aeb3428e662
SHA512

740f258ff43f821e37dc6ea8fae043d4894cfb5fc6a2c798f89899629a5c61320cc84ba75be0efdb106e3dae181cbecd51522360a8f236ca486da69602ecb565

Score

8^/10

persistence spyware

Static task

static1

Behavioral task

behavioral1

Sample

tracker.doc

Resource

win7

persistence spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tracker.doc

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tracker.doc
- Size
  
  211KB
- MD5
  
  9c78815dce144b8ee97f952d3e8c106b
- SHA1
  
  2c4b4d224c4577a5c513baaa9318b5b2d962b483
- SHA256
  
  be90083aacdd2a3bba483b56ae5b3261317add57233873f86f037aeb3428e662
- SHA512
  
  740f258ff43f821e37dc6ea8fae043d4894cfb5fc6a2c798f89899629a5c61320cc84ba75be0efdb106e3dae181cbecd51522360a8f236ca486da69602ecb565
Score

8^/10

persistence spyware
- Blacklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run entry to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Exploitation for Client Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespyware

behavioral2

© 2018-2025

Terms | Privacy