aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

aebf291290...78.exe

windows7-x64

8

aebf291290...78.exe

windows10-2004-x64

8

Sharing

General

Target

aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278
Size

556KB
Sample

221203-sg2bfsbb28
MD5

21b3f4d2e344d9249cb93ca1cf5aafba
SHA1

d765d2e32b6ad8b0dda2d37d6bbe09a8b1d9e914
SHA256

aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278
SHA512

4f07bea5b0921230000afddfb43494af9eab9081e8dd3d81cf79274d4bfcb42a28042ae9f6a0fc6dff8ec7b1575dd08116c3ac663c69096eb38db1557acadce1
SSDEEP

12288:YGosTxSzpDq5VNYdyOshT5l4/86CaIhvPfNMIM1P27QwMMT6:YGosTxSEXzOV/UaIBNLMp20wMMT6

Score

8^/10

spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278.exe

Resource

win7-20220901-en

spyware stealer upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278.exe

Resource

win10v2004-20220812-en

spyware stealer upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278
- Size
  
  556KB
- MD5
  
  21b3f4d2e344d9249cb93ca1cf5aafba
- SHA1
  
  d765d2e32b6ad8b0dda2d37d6bbe09a8b1d9e914
- SHA256
  
  aebf2912902a63fa9914a5326bac471cfa4ff2a24cc9fb8caa21c02a1f327278
- SHA512
  
  4f07bea5b0921230000afddfb43494af9eab9081e8dd3d81cf79274d4bfcb42a28042ae9f6a0fc6dff8ec7b1575dd08116c3ac663c69096eb38db1557acadce1
- SSDEEP
  
  12288:YGosTxSzpDq5VNYdyOshT5l4/86CaIhvPfNMIM1P27QwMMT6:YGosTxSEXzOV/UaIBNLMp20wMMT6
Score

8^/10

spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

spywarestealerupx

© 2018-2025

Terms | Privacy