windealer | 28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa | Triage

Submit
Reports

Overview

overview

Static

static

28df5c75a2...fa.exe

windows7_x64

28df5c75a2...fa.exe

windows10-2004_x64

Sharing

General

Target

28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa.bin
Size

364KB
Sample

220610-pp9q1sfdf9
MD5

cc7207f09a6fe41c71626ad4d3f127ce
SHA1

84e749c37978f9387e16fab29c7b1b291be93a63
SHA256

28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa
SHA512

c7f236f1bafa9192ba30f40b6cbc0e74c89a5b4d7ae95fa98d1ace3857849ba37d2211a2c42bb4f348bd218e1ce28a7006bbda07e3e1e51c09a806da17f9f655

Score

10^/10

windealer stealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa.exe

Resource

win7-20220414-en

windealer stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa.exe

Resource

win10v2004-20220414-en

windealer stealer suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa.bin
- Size
  
  364KB
- MD5
  
  cc7207f09a6fe41c71626ad4d3f127ce
- SHA1
  
  84e749c37978f9387e16fab29c7b1b291be93a63
- SHA256
  
  28df5c75a2f78120ff96d4a72a3c23cee97c9b46c96410cf591af38cb4aed0fa
- SHA512
  
  c7f236f1bafa9192ba30f40b6cbc0e74c89a5b4d7ae95fa98d1ace3857849ba37d2211a2c42bb4f348bd218e1ce28a7006bbda07e3e1e51c09a806da17f9f655
Score

10^/10

windealer stealer suricata trojan
- Detect WinDealer information stealer
  stealer
- WinDealer
  WinDealer is an info stealer used by LuoYu group.
  stealer trojan windealer
- suricata: ET MALWARE Win32/WinDealer CnC Activity (Checkin)
  suricata: ET MALWARE Win32/WinDealer CnC Activity (Checkin)
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

windealerstealersuricatatrojan

behavioral2

windealerstealersuricatatrojan

© 2018-2024

Terms | Privacy