c39ef1bd0b2caa3bb4b7978d799dec6662acd09fc53471fede167e020dd69c9c | Triage

Submit
Reports

Overview

overview

Static

static

77cfdeb83e...89.exe

windows7-x64

9

77cfdeb83e...89.exe

windows10-2004-x64

9

Sharing

General

Target

77cfdeb83e50db23aeb08e9d60fa37fa17f8ebce2afaaf4aaab472193b88b289.exe.compressed
Size

160KB
Sample

240128-3pe4asdbg9
MD5

22770b109126c42e44ae255b9f603e3c
SHA1

40733c6b3d0fbe2807c4bc7bd68cec141ad7bd62
SHA256

c39ef1bd0b2caa3bb4b7978d799dec6662acd09fc53471fede167e020dd69c9c
SHA512

634f904cd86125e5bd21997bed2d4107ad64f1e4c8605fa54cb8eb5bf9fad4c8177c4ea8263518b32a06e198aa77d873d8add303b1d003f0b4b7c3c095c496de
SSDEEP

3072:NFB3O3IRORghwODMJlz1dxoOXwupfOl2AGZ30r/F4RO+XRsd9Oeg:/BZcIDqvysbpf+2DEN4WU

Score

10^/10

discovery spyware stealer upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

77cfdeb83e50db23aeb08e9d60fa37fa17f8ebce2afaaf4aaab472193b88b289.exe

Resource

win7-20231215-en

spyware stealer upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

77cfdeb83e50db23aeb08e9d60fa37fa17f8ebce2afaaf4aaab472193b88b289.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  77cfdeb83e50db23aeb08e9d60fa37fa17f8ebce2afaaf4aaab472193b88b289.exe.compressed
- Size
  
  160KB
- MD5
  
  22770b109126c42e44ae255b9f603e3c
- SHA1
  
  40733c6b3d0fbe2807c4bc7bd68cec141ad7bd62
- SHA256
  
  c39ef1bd0b2caa3bb4b7978d799dec6662acd09fc53471fede167e020dd69c9c
- SHA512
  
  634f904cd86125e5bd21997bed2d4107ad64f1e4c8605fa54cb8eb5bf9fad4c8177c4ea8263518b32a06e198aa77d873d8add303b1d003f0b4b7c3c095c496de
- SSDEEP
  
  3072:NFB3O3IRORghwODMJlz1dxoOXwupfOl2AGZ30r/F4RO+XRsd9Oeg:/BZcIDqvysbpf+2DEN4WU
Score

9^/10

spyware stealer upx discovery
- Detects command variations typically used by ransomware
- UPX dump on OEP (original entry point)
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Network Service Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

© 2018-2025

Terms | Privacy