02ebbdc3498c822d2d08ca3e8255279982e2d1ad23e33c64d5bcef503df5fa38 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

50a3fabe50...7d.exe

windows7-x64

7

50a3fabe50...7d.exe

windows10-2004-x64

7

Sharing

General

Target

50a3fabe509fd67f754aba4177a3b87d
Size

194KB
Sample

231226-d4d24sgacr
MD5

50a3fabe509fd67f754aba4177a3b87d
SHA1

2e9b4f2b4d946f1db0b945f547c8ff23f99447e6
SHA256

02ebbdc3498c822d2d08ca3e8255279982e2d1ad23e33c64d5bcef503df5fa38
SHA512

fb508c5eec002d50ef5347a0fadecc29291c2bd306e014eb81f764f9dc4b42fa8797f2d53212ad61c7dde842b350eabf70b36e69705972649cb64820ad53b093
SSDEEP

3072:hn1/uEAgDPdkBlyFZ+ScjaiKWbETBquAEXlqsUUIaN3EgHeXA2cedWvzlR6/9Jr2:h1OgDPdkBAFZWjadD4s5IQ3XKNqzl4F8

Score

7^/10

discovery spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

50a3fabe509fd67f754aba4177a3b87d.exe

Resource

win7-20231215-en

discovery spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

50a3fabe509fd67f754aba4177a3b87d.exe

Resource

win10v2004-20231215-en

discovery spyware stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  50a3fabe509fd67f754aba4177a3b87d
- Size
  
  194KB
- MD5
  
  50a3fabe509fd67f754aba4177a3b87d
- SHA1
  
  2e9b4f2b4d946f1db0b945f547c8ff23f99447e6
- SHA256
  
  02ebbdc3498c822d2d08ca3e8255279982e2d1ad23e33c64d5bcef503df5fa38
- SHA512
  
  fb508c5eec002d50ef5347a0fadecc29291c2bd306e014eb81f764f9dc4b42fa8797f2d53212ad61c7dde842b350eabf70b36e69705972649cb64820ad53b093
- SSDEEP
  
  3072:hn1/uEAgDPdkBlyFZ+ScjaiKWbETBquAEXlqsUUIaN3EgHeXA2cedWvzlR6/9Jr2:h1OgDPdkBAFZWjadD4s5IQ3XKNqzl4F8
Score

7^/10

discovery spyware stealer upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealerupx

behavioral2

discoveryspywarestealerupx

© 2018-2025

Terms | Privacy