d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de | Triage

Submit
Reports

Overview

overview

8

Static

static

8

d904bc8f0d...de.exe

windows7-x64

8

d904bc8f0d...de.exe

windows10-2004-x64

8

Sharing

General

Target

d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de
Size

1.1MB
Sample

221204-far3zsgc49
MD5

06fac1a272e4fa442b872b5a7dec942b
SHA1

cda465a0d8a8bf4a96f5e68034da1ee023e3daf1
SHA256

d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de
SHA512

0d4411dcec1ce876ff4ff9e21574f61631efd3698a0b83fd20aacdb858fda8aee28840aa3cc6c64ea2eca180686963ff37616793c4a8311fb820dcc9ffb9d008
SSDEEP

24576:rDybvhieUmzLJuDRNgiQJuxS/fIZrTQqtFU0MML+:wiRIcRPQuIArTfFU0MMK

Score

8^/10

spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de.exe

Resource

win7-20220901-en

spyware stealer upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de.exe

Resource

win10v2004-20221111-en

spyware stealer upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de
- Size
  
  1.1MB
- MD5
  
  06fac1a272e4fa442b872b5a7dec942b
- SHA1
  
  cda465a0d8a8bf4a96f5e68034da1ee023e3daf1
- SHA256
  
  d904bc8f0da9341be62a25bb5ca50a3081d6d8cc397c1cdba4f7b90505de25de
- SHA512
  
  0d4411dcec1ce876ff4ff9e21574f61631efd3698a0b83fd20aacdb858fda8aee28840aa3cc6c64ea2eca180686963ff37616793c4a8311fb820dcc9ffb9d008
- SSDEEP
  
  24576:rDybvhieUmzLJuDRNgiQJuxS/fIZrTQqtFU0MML+:wiRIcRPQuIArTfFU0MMK
Score

8^/10

spyware stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

spywarestealerupx

© 2018-2024

Terms | Privacy