53849a4eb386b120629ceceeac78861ddbf73209c5f2be0b0d7a00df95b10dc2 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

32.html

windows7-x64

8

32.html

windows10-2004-x64

1

Resubmissions

05/10/2023, 06:30

231005-g9yv9aha9x 1

31/05/2023, 20:00

230531-yqyjtabc2x 8

Sharing

General

Target

32.html
Size

5KB
Sample

230531-yqyjtabc2x
MD5

916775167caac5745bc1095e9ff654f8
SHA1

d563e1388016bbdf2b2a47970207a4b966eadc55
SHA256

53849a4eb386b120629ceceeac78861ddbf73209c5f2be0b0d7a00df95b10dc2
SHA512

6476bc71f0772021c8e828f783c20a974b34d62cc17b5306eb0a5e5fc2fb2b66dab37c4028bdf70aab7ef36f9f0505383a241968e98b2f80d8d98ce6f8b24629
SSDEEP

48:TApOqA5BAFzPJhVI/CLQfvaFzYsWzxeqs6Gp7vlcg793cjvynM:jDEzPJhkCBzglsZpzlcgJMjvyM

Score

8^/10

discovery evasion spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

32.html

Resource

win7-20230220-en

discovery evasion spyware stealer

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

32.html

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  32.html
- Size
  
  5KB
- MD5
  
  916775167caac5745bc1095e9ff654f8
- SHA1
  
  d563e1388016bbdf2b2a47970207a4b966eadc55
- SHA256
  
  53849a4eb386b120629ceceeac78861ddbf73209c5f2be0b0d7a00df95b10dc2
- SHA512
  
  6476bc71f0772021c8e828f783c20a974b34d62cc17b5306eb0a5e5fc2fb2b66dab37c4028bdf70aab7ef36f9f0505383a241968e98b2f80d8d98ce6f8b24629
- SSDEEP
  
  48:TApOqA5BAFzPJhVI/CLQfvaFzYsWzxeqs6Gp7vlcg793cjvynM:jDEzPJhkCBzglsZpzlcgJMjvyM
Score

8^/10

discovery evasion spyware stealer
- Downloads MZ/PE file
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealer

behavioral2

© 2018-2025

Terms | Privacy