b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

b21e34fd40...12.exe

windows7-x64

8

b21e34fd40...12.exe

windows10-2004-x64

8

Sharing

General

Target

b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12
Size

731KB
Sample

221205-3vrdhshe54
MD5

6b1e324635b48d9f5b57a29c36027882
SHA1

335c33ac0475e79cf985c1207cba3cda1ae8453a
SHA256

b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12
SHA512

47bafbcbc1d30606f023b0f740772a8c774c7f846775ddcb644427459c6a869f0930d4425abc1ba6a2bbe626cfac3c9230e002fa4994687f5453a1638d793529
SSDEEP

12288:xwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwGw:xarararararararararararararaTTi

Score

8^/10

spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12.exe

Resource

win7-20220901-en

spyware stealer upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12
- Size
  
  731KB
- MD5
  
  6b1e324635b48d9f5b57a29c36027882
- SHA1
  
  335c33ac0475e79cf985c1207cba3cda1ae8453a
- SHA256
  
  b21e34fd40d84a8838137f1fc970857a8c12b9037e69b37b2966543caaddbe12
- SHA512
  
  47bafbcbc1d30606f023b0f740772a8c774c7f846775ddcb644427459c6a869f0930d4425abc1ba6a2bbe626cfac3c9230e002fa4994687f5453a1638d793529
- SSDEEP
  
  12288:xwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwG4OMwGw:xarararararararararararararaTTi
Score

8^/10

spyware stealer upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

© 2018-2025

Terms | Privacy