983822688d74ef6341f33a8a6b7ff476094678e373e9934d8b749ed3ed61bfbc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

suk.exe

windows10-2004-x64

7

Sharing

General

Target

suk.exe
Size

15.1MB
Sample

220930-k1hdpaeaam
MD5

29c5707b4f3626606777fb4d66f55fb0
SHA1

1b5b269dd23a72c5cb6ec6f80b0d6210f552d87b
SHA256

983822688d74ef6341f33a8a6b7ff476094678e373e9934d8b749ed3ed61bfbc
SHA512

cd3da244f336e30b609683ffef3ce14312c420ae5e32d27a3c3e7347cafff55cacdaf5b0ad484b717a55ec2e32609da3785873cec14c87e98728ebb0a37727a2
SSDEEP

393216:NbtwR5J3e3/TehYYfkP1UricCyCdN7mUh/CiIi02czJo:r0TeLyYYfE1UricCyCdN7mECiz02Y

Score

7^/10

pyinstaller spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

suk.exe

Resource

win10v2004-20220812-en

spyware stealer

windows10-2004-x64

6 signatures

60 seconds

Malware Config

Targets

- Target
  
  suk.exe
- Size
  
  15.1MB
- MD5
  
  29c5707b4f3626606777fb4d66f55fb0
- SHA1
  
  1b5b269dd23a72c5cb6ec6f80b0d6210f552d87b
- SHA256
  
  983822688d74ef6341f33a8a6b7ff476094678e373e9934d8b749ed3ed61bfbc
- SHA512
  
  cd3da244f336e30b609683ffef3ce14312c420ae5e32d27a3c3e7347cafff55cacdaf5b0ad484b717a55ec2e32609da3785873cec14c87e98728ebb0a37727a2
- SSDEEP
  
  393216:NbtwR5J3e3/TehYYfkP1UricCyCdN7mUh/CiIi02czJo:r0TeLyYYfE1UricCyCdN7mECiz02Y
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy