2beb165a3f2ed3b8506fe8c0d2624b2f47c2a82579ccdea7d7f308c49a00ca9d | Triage

Submit
Reports

Overview

overview

7

Static

static

file.exe

windows7-x64

7

file.exe

windows10-2004-x64

7

Sharing

General

Target

file.exe
Size

349KB
Sample

221102-l2r5ysbfen
MD5

cc63a28ffd1c520a780046c720f955f4
SHA1

71fd171809b55d73a75ef63b2776a2ab82a58a6a
SHA256

2beb165a3f2ed3b8506fe8c0d2624b2f47c2a82579ccdea7d7f308c49a00ca9d
SHA512

434642beffef2c5b8ab2e84c15294ea4b70926633df9ab40f65032213d0f3055fde855dc8c9422c9d038e763f5fc704edc13944e7272128805ddedda65741557
SSDEEP

6144:xRT6eUPmb5Dsxp6BDh8k65be81o0L3nVUW3LHKnhB0cBYUPyBtI1RD:xR2ob5DQ4BDh8k65be81o0L3VUCqhB0e

Score

7^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

discovery spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220901-en

discovery spyware stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  349KB
- MD5
  
  cc63a28ffd1c520a780046c720f955f4
- SHA1
  
  71fd171809b55d73a75ef63b2776a2ab82a58a6a
- SHA256
  
  2beb165a3f2ed3b8506fe8c0d2624b2f47c2a82579ccdea7d7f308c49a00ca9d
- SHA512
  
  434642beffef2c5b8ab2e84c15294ea4b70926633df9ab40f65032213d0f3055fde855dc8c9422c9d038e763f5fc704edc13944e7272128805ddedda65741557
- SSDEEP
  
  6144:xRT6eUPmb5Dsxp6BDh8k65be81o0L3nVUW3LHKnhB0cBYUPyBtI1RD:xR2ob5DQ4BDh8k65be81o0L3VUCqhB0e
Score

7^/10

discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.