d7a5f0dd68c4bada79c06a39d480502c9e442719082ddfa33500aa4256d5eec9 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

VMPROXNO.exe

windows10-2004-x64

7

Sharing

General

Target

VMPROXNO.exe
Size

18.8MB
Sample

230319-b5q2ysed63
MD5

7eb00ec1ded4e9088bc4efa188219b9e
SHA1

97d4ff52201720179f72721c7453ac04382e93fa
SHA256

d7a5f0dd68c4bada79c06a39d480502c9e442719082ddfa33500aa4256d5eec9
SHA512

d2969124b8030e62a16a1734c938f0441a5a2ef1f89407af72fc6d41022c96d0b40beb92d16a8904aa4055ad5dabf536ef643961c7ad8a22543bb09d9e35faf0
SSDEEP

393216:AxAlniYXPT6TBRq/m3pznlPSF3VqevY87zdChd1lx:VliYXPG3qKznlEqeAosl

Score

7^/10

pyinstaller spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

VMPROXNO.exe

Resource

win10v2004-20230220-en

spyware stealer upx

windows10-2004-x64

7 signatures

600 seconds

Malware Config

Targets

- Target
  
  VMPROXNO.exe
- Size
  
  18.8MB
- MD5
  
  7eb00ec1ded4e9088bc4efa188219b9e
- SHA1
  
  97d4ff52201720179f72721c7453ac04382e93fa
- SHA256
  
  d7a5f0dd68c4bada79c06a39d480502c9e442719082ddfa33500aa4256d5eec9
- SHA512
  
  d2969124b8030e62a16a1734c938f0441a5a2ef1f89407af72fc6d41022c96d0b40beb92d16a8904aa4055ad5dabf536ef643961c7ad8a22543bb09d9e35faf0
- SSDEEP
  
  393216:AxAlniYXPT6TBRq/m3pznlPSF3VqevY87zdChd1lx:VliYXPG3qKznlEqeAosl
Score

7^/10

spyware stealer upx
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

spywarestealerupx

© 2018-2024

Terms | Privacy