2290f94e11f761d70b2e8f1998224d40af3f16770caf2443267bd648de3580af | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

sys32.exe

windows7-x64

8

Sharing

General

Target

sys32.bat
Size

32KB
Sample

230826-vhf31scb96
MD5

1830f906145a43cfb22a718b520b8661
SHA1

52e2de8b1fd17a6f4cba06e7a1b20c550acf27a7
SHA256

2290f94e11f761d70b2e8f1998224d40af3f16770caf2443267bd648de3580af
SHA512

4f8e5ffa41b80436bffdfe8068d7a4249ed54e70c899257a03bad7a77a830f36c8fe681640661aa11a6f3be1feed770179b97b1f963be28eac2ca80ac282d632
SSDEEP

384:8LipZl447piqb/lUYf5uH3w59AMRG5qUIjFgOrjFymqAeO8W8xbEz5E1OuO:dmiiqTfk2AMRGwlFgOrjsbb71ZO

Score

8^/10

evasion spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sys32.exe

Resource

win7-20230712-en

evasion spyware stealer

windows7-x64

13 signatures

600 seconds

Malware Config

Targets

- Target
  
  sys32.bat
- Size
  
  32KB
- MD5
  
  1830f906145a43cfb22a718b520b8661
- SHA1
  
  52e2de8b1fd17a6f4cba06e7a1b20c550acf27a7
- SHA256
  
  2290f94e11f761d70b2e8f1998224d40af3f16770caf2443267bd648de3580af
- SHA512
  
  4f8e5ffa41b80436bffdfe8068d7a4249ed54e70c899257a03bad7a77a830f36c8fe681640661aa11a6f3be1feed770179b97b1f963be28eac2ca80ac282d632
- SSDEEP
  
  384:8LipZl447piqb/lUYf5uH3w59AMRG5qUIjFgOrjFymqAeO8W8xbEz5E1OuO:dmiiqTfk2AMRGwlFgOrjsbb71ZO
Score

8^/10

evasion spyware stealer
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Hide Artifacts

Hidden Files and Directories

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealer

© 2018-2025

Terms | Privacy