f884438e059ab4c0ade9775af9b80b2a1b0dc47f1d8ca98778f108ca98bc5915 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Sandboxie-....6.exe

windows7-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

Sandboxie-Classic-x64-v5.67.6.exe
Size

2.9MB
Sample

240104-qvxt3sbhb3
MD5

c0306564bcdaee3cfde34168662d45c0
SHA1

28772b38f3347ed36c5b4f47f90494a99c592e88
SHA256

f884438e059ab4c0ade9775af9b80b2a1b0dc47f1d8ca98778f108ca98bc5915
SHA512

0259fcc97cec6658149bbdf05491dd2f60cb86308b209404c5f57e8506f38e6de2e9b45b8ed89c54f4fb80e1f3a52b68e5d7717bc0b546e42cc48519eb232109
SSDEEP

49152:c5QVgFUpnlOReGpCBYGw7evhKCiSir2FFkK2+U/k20qGZsxdnzfPAcdP9:K86qolpCBYkHiS8KKk20qGZsxhPAC9

Score

7^/10

discovery spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sandboxie-Classic-x64-v5.67.6.exe

Resource

win7-20231129-en

discovery spyware stealer upx

windows7-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Sandboxie-Classic-x64-v5.67.6.exe
- Size
  
  2.9MB
- MD5
  
  c0306564bcdaee3cfde34168662d45c0
- SHA1
  
  28772b38f3347ed36c5b4f47f90494a99c592e88
- SHA256
  
  f884438e059ab4c0ade9775af9b80b2a1b0dc47f1d8ca98778f108ca98bc5915
- SHA512
  
  0259fcc97cec6658149bbdf05491dd2f60cb86308b209404c5f57e8506f38e6de2e9b45b8ed89c54f4fb80e1f3a52b68e5d7717bc0b546e42cc48519eb232109
- SSDEEP
  
  49152:c5QVgFUpnlOReGpCBYGw7evhKCiSir2FFkK2+U/k20qGZsxdnzfPAcdP9:K86qolpCBYkHiS8KKk20qGZsxhPAC9
Score

7^/10

discovery spyware stealer upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealerupx

© 2018-2025

Terms | Privacy