53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247 | Triage

Submit
Reports

Overview

overview

8

Static

static

53e129e6b4...47.cmd

windows7-x64

8

53e129e6b4...47.cmd

windows10-2004-x64

8

Resubmissions

09/01/2023, 19:35

230109-yascvsah4v 8

09/01/2023, 19:26

230109-x5w4vsah2s 8

Sharing

Copy URL Twitter E-mail

General

Target

53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247.cmd
Size

1.6MB
Sample

230109-yascvsah4v
MD5

b4796224dc192a7747017d2b5aa0673a
SHA1

2a97af4e0de5c4ec202110bd70ed12671286ee2d
SHA256

53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247
SHA512

3772fe073f32060a489238d0b66d627b6aee679caa7c5f4d218d83caa6f6459166b72f458ce834464cb3e22ee00f64668d3716a19fba5d1a8d3b27ed9d1fdc80
SSDEEP

24576:potxQMlJva9Ya7MLkx42rCpNofi6sznViZqzuW9Tg6yTtTK7ghb59Fz9BdnThKrj:qQCiTW6CwCnLu++gUr75hG

Score

8^/10

collection spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247.cmd

Resource

win7-20220901-en

collection spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247.cmd

Resource

win10v2004-20221111-en

collection spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247.cmd
- Size
  
  1.6MB
- MD5
  
  b4796224dc192a7747017d2b5aa0673a
- SHA1
  
  2a97af4e0de5c4ec202110bd70ed12671286ee2d
- SHA256
  
  53e129e6b4bf741766737bbe3c9e12070388943c2649b9a829af75eefae79247
- SHA512
  
  3772fe073f32060a489238d0b66d627b6aee679caa7c5f4d218d83caa6f6459166b72f458ce834464cb3e22ee00f64668d3716a19fba5d1a8d3b27ed9d1fdc80
- SSDEEP
  
  24576:potxQMlJva9Ya7MLkx42rCpNofi6sznViZqzuW9Tg6yTtTK7ghb59Fz9BdnThKrj:qQCiTW6CwCnLu++gUr75hG
Score

8^/10

collection spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionspywarestealer

behavioral2

collectionspywarestealer

© 2018-2025

Terms | Privacy