privateloader | 7875b13017d325cb9642e1ef468b14e98b40412908cbf761be11595c4d2edd6e | Triage

Submit
Reports

Overview

overview

Static

static

7

File.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

File.exe
Size

475.2MB
Sample

230721-a1q1qaca4w
MD5

b1de0a1acdf86353f0ceab32aa701a1f
SHA1

be02ed2dff4c9046e331f18bb6e41a1429947fc0
SHA256

7875b13017d325cb9642e1ef468b14e98b40412908cbf761be11595c4d2edd6e
SHA512

a388fa1c0f5aa077100ce24222076908e8fe9f6ca8470eebc80db20edfe63f4a281d129b35ac81e47a98c38269d870b029f0c672984e8fd0beeb88c4083e0e6c
SSDEEP

196608:TRQhKckarjcSPOG5ptEqw6r9plBto7NBDv:T2sEvcSPOUk6RL0z

Score

10^/10

privateloader loader spyware stealer vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

File.exe

Resource

win10v2004-20230703-en

privateloader loader spyware stealer vmprotect

windows10-2004-x64

7 signatures

1800 seconds

Malware Config

Targets

- Target
  
  File.exe
- Size
  
  475.2MB
- MD5
  
  b1de0a1acdf86353f0ceab32aa701a1f
- SHA1
  
  be02ed2dff4c9046e331f18bb6e41a1429947fc0
- SHA256
  
  7875b13017d325cb9642e1ef468b14e98b40412908cbf761be11595c4d2edd6e
- SHA512
  
  a388fa1c0f5aa077100ce24222076908e8fe9f6ca8470eebc80db20edfe63f4a281d129b35ac81e47a98c38269d870b029f0c672984e8fd0beeb88c4083e0e6c
- SSDEEP
  
  196608:TRQhKckarjcSPOG5ptEqw6r9plBto7NBDv:T2sEvcSPOUk6RL0z
Score

10^/10

privateloader loader spyware stealer vmprotect
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

privateloaderloaderspywarestealervmprotect

© 2018-2025

Terms | Privacy