416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

416d47f1be...08.exe

windows7-x64

7

416d47f1be...08.exe

windows10-2004-x64

7

Analysis

max time kernel
80s
max time network
84s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
11/10/2022, 05:14

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08.exe

Resource

win7-20220812-en

spyware stealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08.exe

Resource

win10v2004-20220812-en

spyware stealer

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08.exe
Size

803KB
MD5

7c06f11980d1cdafac8575d426f6c850
SHA1

e3aadb4dc026db5ac53c59c9d7f3cfc3f3dc239e
SHA256

416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08
SHA512

d898b38eb2bdafb0f2ebcbe1b44ccba5c23983ba4dc0e3831ae92180b052cda2fa1f3bca010c84446dae21bc9e48a9ebd5034aeb9fd1b1b58e2cfd077b04c3fa
SSDEEP

12288:1IzrgcJ0y9LeuTGwmxw/oCJ+iIT7dwsrHq30l9q3mxdgP1Or9dFfufddWwMC:1TydRTGwztaHrHbl9qvtELufdxMC

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Processes

C:\Users\Admin\AppData\Local\Temp\416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08.exe
"C:\Users\Admin\AppData\Local\Temp\416d47f1be7774def2125aa6a55663fee6bf8193c3b1230a01d7d004edec9b08.exe"
1⤵
PID:1348

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1348-54-0x0000000075071000-0x0000000075073000-memory.dmp

Filesize
8KB

Download
memory/1348-55-0x00000000027C0000-0x0000000002905000-memory.dmp

Filesize
1.3MB

Download

© 2018-2025

Terms | Privacy