af78e0907d4352f9405cd7e165f2f56c2a80c0654ee49cd7429b1f2ea8e5e031 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

e8b02f4683...6d.exe

windows7-x64

9

e8b02f4683...6d.exe

windows10-2004-x64

9

Sharing

General

Target

e8b02f4683dc4c841454495c018e6427781c830498fecb6c6d9381e6ab77f16d.zip
Size

2.0MB
Sample

230802-kdswxaeg4x
MD5

f1adcf9b2c0f0de67da1339013b8e9e9
SHA1

fb05cdc0e9ea912526b1a21291916110d7e1d158
SHA256

af78e0907d4352f9405cd7e165f2f56c2a80c0654ee49cd7429b1f2ea8e5e031
SHA512

9f11a8bcaa72fb6c30b84c04d617fb5d8df36111c4b0a0703b4d5da88fbf5693d107e76d546b0a7278b1c08e2d1a7f29cb30ca4e0da760a8b4e755b473eb6cb0
SSDEEP

49152:nGfBoNRvTt2EHFrS1vkVDOuLPOZtcbOY3pJY2Zb:nGfBo3rU30P+tcbO4JY2Zb

Score

9^/10

evasion ransomware spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e8b02f4683dc4c841454495c018e6427781c830498fecb6c6d9381e6ab77f16d.exe

Resource

win7-20230712-en

evasion ransomware spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

e8b02f4683dc4c841454495c018e6427781c830498fecb6c6d9381e6ab77f16d.exe

Resource

win10v2004-20230703-en

evasion ransomware spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  e8b02f4683dc4c841454495c018e6427781c830498fecb6c6d9381e6ab77f16d.exe
- Size
  
  3.4MB
- MD5
  
  5ffa1b18aedd7733589b26349ee332ef
- SHA1
  
  7678a972575972f9a03bbebd364c01a1dc90c6cf
- SHA256
  
  e8b02f4683dc4c841454495c018e6427781c830498fecb6c6d9381e6ab77f16d
- SHA512
  
  12608f4a4e13eedba32c07d31bd3b02e2c72dd2d269c0ad054ed711df802892c6fceb54b6baf157728116769f9cfde0d706adb2b089fcc8212f5ca18412bfb04
- SSDEEP
  
  49152:HNd9Lq8J35Irb/TYvO90d7HjmAFd4A64nsfJE8R3akbCKI66d+jtgJ7xYT2WQ118:f35CI64Y0QsNK
Score

9^/10

evasion ransomware spyware stealer
- Clears Windows event logs
  evasion ransomware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionransomwarespywarestealer

behavioral2

evasionransomwarespywarestealer

© 2018-2025

Terms | Privacy