87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405 | Triage

Submit
Reports

Overview

overview

9

Static

static

87b8dfde1a...05.exe

windows7-x64

9

87b8dfde1a...05.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405
Size

194KB
Sample

221202-bvrwhaad62
MD5

e4ff3c97e90a3854a7d66e0474ac1bf8
SHA1

6131c4a787c91f9b17a5a48f557e6b567cedb0b0
SHA256

87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405
SHA512

b6134904001c8d4d4267534d46d790f7a0b8433c1ac73da2da11ccb4ff51859596b578fd4b1aa6d4dfc44e20b96579de7e398d544957be565abae21a78eef868
SSDEEP

3072:hn1/uEAgDPdkBlyFZ+ScjaiKWbETBquAEXlqsUUypbXZc410uGg+QUWSR:h1OgDPdkBAFZWjadD4s5OJcWviR

Score

9^/10

discovery spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405.exe

Resource

win7-20220812-en

discovery spyware stealer upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405.exe

Resource

win10v2004-20220812-en

discovery spyware stealer upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405
- Size
  
  194KB
- MD5
  
  e4ff3c97e90a3854a7d66e0474ac1bf8
- SHA1
  
  6131c4a787c91f9b17a5a48f557e6b567cedb0b0
- SHA256
  
  87b8dfde1aa02de6bc7060e980ab6adf2a5158967a8b92177b97378aca5ac405
- SHA512
  
  b6134904001c8d4d4267534d46d790f7a0b8433c1ac73da2da11ccb4ff51859596b578fd4b1aa6d4dfc44e20b96579de7e398d544957be565abae21a78eef868
- SSDEEP
  
  3072:hn1/uEAgDPdkBlyFZ+ScjaiKWbETBquAEXlqsUUypbXZc410uGg+QUWSR:h1OgDPdkBAFZWjadD4s5OJcWviR
Score

9^/10

discovery spyware stealer upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealerupx

behavioral2

discoveryspywarestealerupx

© 2018-2025

Terms | Privacy