1aa319975a9d1142cd5737d4b41d1004223881bf4e3485770a75be645e54934e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Price Inqu...08.exe

windows7-x64

7

Price Inqu...08.exe

windows10-2004-x64

7

Sharing

General

Target

Price Inquiry-DSD project DC202308.exe
Size

628KB
Sample

230801-qyh54ahb8z
MD5

f9802775070b5ccd79f6fde71e8e9c87
SHA1

f84d241302f809d355aff1f2a27c199f5db4854c
SHA256

1aa319975a9d1142cd5737d4b41d1004223881bf4e3485770a75be645e54934e
SHA512

52636782b93920455955a528aa97b4521c0cfbf86dc17d3f6c8162b234429b1d4ad042e38ba75297606e45831f6379512715a861826bc6d5734b313f42e0a879
SSDEEP

12288:ej2iN8JJGoyacL5VKEqzaF7oUJi4OR+q3yJmarXtxg8GOOIg:ej1uJMo6KELFU2i4ORA/97GOW

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Price Inquiry-DSD project DC202308.exe

Resource

win7-20230712-en

spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Price Inquiry-DSD project DC202308.exe

Resource

win10v2004-20230703-en

spyware stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Price Inquiry-DSD project DC202308.exe
- Size
  
  628KB
- MD5
  
  f9802775070b5ccd79f6fde71e8e9c87
- SHA1
  
  f84d241302f809d355aff1f2a27c199f5db4854c
- SHA256
  
  1aa319975a9d1142cd5737d4b41d1004223881bf4e3485770a75be645e54934e
- SHA512
  
  52636782b93920455955a528aa97b4521c0cfbf86dc17d3f6c8162b234429b1d4ad042e38ba75297606e45831f6379512715a861826bc6d5734b313f42e0a879
- SSDEEP
  
  12288:ej2iN8JJGoyacL5VKEqzaF7oUJi4OR+q3yJmarXtxg8GOOIg:ej1uJMo6KELFU2i4ORA/97GOW
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy