f090f83873271fbbc0b7426de0051f76463c16e1a1d5f63f57af630704873778 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

0d0b7eaef7...0d.exe

windows7-x64

7

0d0b7eaef7...0d.exe

windows10-2004-x64

7

Analysis

max time kernel
94s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
11-04-2023 09:33

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0d0b7eaef798e705fe89a27c5ad7350d.exe

Resource

win7-20230220-en

spyware stealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d0b7eaef798e705fe89a27c5ad7350d.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0d0b7eaef798e705fe89a27c5ad7350d.exe
Size

476KB
MD5

0d0b7eaef798e705fe89a27c5ad7350d
SHA1

f0e9f4dd1070b1b6a2e6963f61c3e315c68fc430
SHA256

f090f83873271fbbc0b7426de0051f76463c16e1a1d5f63f57af630704873778
SHA512

48ec66114153a09b7f6561db35959f4bc8510415441ed94b809f4481babb21e86f9f37018032452ff065e5c0c7078f7a5fdc6ccf67faa54246b11fb438d75ba6
SSDEEP

6144:IwCOBKAoxlvhDhuGrN5BD7LFYvbUexibj6UDQgVJAiAhYl:dPGx51FYjUeMnEhYl

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Processes

C:\Users\Admin\AppData\Local\Temp\0d0b7eaef798e705fe89a27c5ad7350d.exe
"C:\Users\Admin\AppData\Local\Temp\0d0b7eaef798e705fe89a27c5ad7350d.exe"
1⤵
PID:1364

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1364-135-0x0000023F89670000-0x0000023F897DC000-memory.dmp

Filesize
1.4MB

Download
memory/1364-136-0x0000023F897E0000-0x0000023F8990C000-memory.dmp

Filesize
1.2MB

Download
memory/1364-137-0x0000023F897E0000-0x0000023F8990C000-memory.dmp

Filesize
1.2MB

Download

© 2018-2025

Terms | Privacy