7ff6595f0ab7fcc490bee43104ac88ef9615698eefdfef6276ef3ca03a3a6b59 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

file.exe

windows7-x64

1

file.exe

windows10-2004-x64

7

Analysis

max time kernel
142s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2023, 14:04

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

file.exe
Size

370KB
MD5

8a6a2ef3184f09fd2fcf6b7b3f5afe23
SHA1

bcd3f5bdd7da1e24a5daa189003710d2d0496069
SHA256

7ff6595f0ab7fcc490bee43104ac88ef9615698eefdfef6276ef3ca03a3a6b59
SHA512

01fbf6bca1f2f1f1464312433f9ef06d12838f995405afee90c2e05f8b2d6a2f2fce3fd72c6a2a7d91bdabad329cd22cb65a4a3e88220bad114e10feeb91c0dd
SSDEEP

6144:Uq3y9wUepicisGiKzD8bFazgXWeiCvZEOHHrpm1XUZLxEZEOHHrpm1XUZLx:UA+wUeptviChtLpm1EwtLpm1E

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

Processes

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
PID:1980

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1980-135-0x0000000002E40000-0x0000000002FAE000-memory.dmp

Filesize
1.4MB

Download
memory/1980-136-0x0000000002FB0000-0x00000000030DF000-memory.dmp

Filesize
1.2MB

Download
memory/1980-137-0x0000000002FB0000-0x00000000030DF000-memory.dmp

Filesize
1.2MB

Download

© 2018-2025

Terms | Privacy