d802f8579ffaaadc342b2fa2a4b6a440dc5f06ffb60981ceea8eaffc3f4ffbe3 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

winpeas.exe

windows7-x64

7

winpeas.exe

windows10-2004-x64

7

Sharing

General

Target

winpeas.exe.bin
Size

1.7MB
Sample

230501-y63hpsge94
MD5

61bdacb9d719489be430f1fdbed4b4fd
SHA1

3d92c26125f71bc0c616be5d7682348da6a25de6
SHA256

d802f8579ffaaadc342b2fa2a4b6a440dc5f06ffb60981ceea8eaffc3f4ffbe3
SHA512

91e78e2b13f8d16bd1c6c0d46b1e91b073f256762173bb8090075d52c8c53fefc3583d6d42f01045ec9d72f245e7af448142475a6ad7a5d6f1f8a9570dfec54d
SSDEEP

24576:H+LT8W2V/+7NVJ6Vfe5frygHfGCEHCyoiyUxZ3chFSPrG0bUOB:H+fN4qqM2zG0bU

Score

7^/10

discovery evasion spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

winpeas.exe

Resource

win7-20230220-en

discovery evasion spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

winpeas.exe

Resource

win10v2004-20230220-en

discovery evasion spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  winpeas.exe.bin
- Size
  
  1.7MB
- MD5
  
  61bdacb9d719489be430f1fdbed4b4fd
- SHA1
  
  3d92c26125f71bc0c616be5d7682348da6a25de6
- SHA256
  
  d802f8579ffaaadc342b2fa2a4b6a440dc5f06ffb60981ceea8eaffc3f4ffbe3
- SHA512
  
  91e78e2b13f8d16bd1c6c0d46b1e91b073f256762173bb8090075d52c8c53fefc3583d6d42f01045ec9d72f245e7af448142475a6ad7a5d6f1f8a9570dfec54d
- SSDEEP
  
  24576:H+LT8W2V/+7NVJ6Vfe5frygHfGCEHCyoiyUxZ3chFSPrG0bUOB:H+fN4qqM2zG0bU
Score

7^/10

discovery evasion spyware stealer trojan
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryevasionspywarestealertrojan

© 2018-2025

Terms | Privacy