2f61de1bfd3024c4018bf9562e1d4065159463304336c15858239240e5f01834 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4491154c5e...3d.exe

windows7-x64

7

4491154c5e...3d.exe

windows10-2004-x64

7

Sharing

General

Target

4491154c5e81e6ebf80ae8cf4e0dae3d
Size

892KB
Sample

240105-16b2vsbefq
MD5

4491154c5e81e6ebf80ae8cf4e0dae3d
SHA1

40f586d716df136f7516138825af633b1f8f64fd
SHA256

2f61de1bfd3024c4018bf9562e1d4065159463304336c15858239240e5f01834
SHA512

2693faafe132a2f0d070fd5bd06825f003936793f14e6c67ff79b53b5f326dae9c49c5be335e1df7119188ed6a74ca722e1ff44d4feb8a3defed6d02289aaf6a
SSDEEP

12288:gbLZWDfWRe9LOWzQRV2+gZ88PIsbUN1g38ojd9ZFSmmW26dgYI5NXK2qosjBpG1L:ELZWDlv+glws82dFOk4K2qo+E1kKYUaw

Score

7^/10

discovery spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4491154c5e81e6ebf80ae8cf4e0dae3d.exe

Resource

win7-20231215-en

discovery spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4491154c5e81e6ebf80ae8cf4e0dae3d.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  4491154c5e81e6ebf80ae8cf4e0dae3d
- Size
  
  892KB
- MD5
  
  4491154c5e81e6ebf80ae8cf4e0dae3d
- SHA1
  
  40f586d716df136f7516138825af633b1f8f64fd
- SHA256
  
  2f61de1bfd3024c4018bf9562e1d4065159463304336c15858239240e5f01834
- SHA512
  
  2693faafe132a2f0d070fd5bd06825f003936793f14e6c67ff79b53b5f326dae9c49c5be335e1df7119188ed6a74ca722e1ff44d4feb8a3defed6d02289aaf6a
- SSDEEP
  
  12288:gbLZWDfWRe9LOWzQRV2+gZ88PIsbUN1g38ojd9ZFSmmW26dgYI5NXK2qosjBpG1L:ELZWDlv+glws82dFOk4K2qo+E1kKYUaw
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

© 2018-2025

Terms | Privacy