512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

512e5f13ab...50.exe

windows7-x64

7

512e5f13ab...50.exe

windows10-2004-x64

7

Sharing

General

Target

512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750
Size

183KB
Sample

231014-bzbebabg55
MD5

ad263cb24bd45f358afdae1af924b88a
SHA1

60c7db5c7df0e77a8f38228d6d6c1dd87ffc57ab
SHA256

512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750
SHA512

7e6b06cbe6acfc51451f953fd396d1290c472d78547a1bf61279b50400a55b9ad7812bf3b376ad44fd069662ad2d022d4434ac431615194b3715fd1fc7c1b76d
SSDEEP

3072:qecVOv+Kq7XRdEQ0FJ1ppM48XjyN8PtySC5bsOynXacwoge1i2qZgzoI7h+aS1GI:IKq7hd2b/b2yGPteb5KqcX1+Zgzo0naD

Score

7^/10

microsoft phishing spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750.exe

Resource

win7-20230831-en

spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750.exe

Resource

win10v2004-20230915-en

microsoft phishing

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750
- Size
  
  183KB
- MD5
  
  ad263cb24bd45f358afdae1af924b88a
- SHA1
  
  60c7db5c7df0e77a8f38228d6d6c1dd87ffc57ab
- SHA256
  
  512e5f13abc1a98f84dd6e9ec4a9b5a85e8ad1136be7b7b048814c22ccce2750
- SHA512
  
  7e6b06cbe6acfc51451f953fd396d1290c472d78547a1bf61279b50400a55b9ad7812bf3b376ad44fd069662ad2d022d4434ac431615194b3715fd1fc7c1b76d
- SSDEEP
  
  3072:qecVOv+Kq7XRdEQ0FJ1ppM48XjyN8PtySC5bsOynXacwoge1i2qZgzoI7h+aS1GI:IKq7hd2b/b2yGPteb5KqcX1+Zgzo0naD
Score

7^/10

spyware stealer microsoft phishing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing

© 2018-2025

Terms | Privacy