ed3cdc71e21e5f846284826f81d9d9abe02d61a8038b80350ea3b7dc843a9b3d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

release_v4.rar

windows11-21h2-x64

8

Resubmissions

27/02/2024, 21:02

240227-zvlw9abe32 8

27/02/2024, 21:01

240227-zt7sbsbf3s 1

Sharing

General

Target

release_v4.rar
Size

15.5MB
Sample

240227-zvlw9abe32
MD5

fd1bf04083511e2f9039adb11f6f0fa2
SHA1

dc22c2de27239653e90c3c37c59b6c3a2177d10c
SHA256

ed3cdc71e21e5f846284826f81d9d9abe02d61a8038b80350ea3b7dc843a9b3d
SHA512

5192f2ace2383716f84f80eca6bf21d3f0c08db5ddf517adf3a7de33cf415a3a7c80b3aa30201538c0769aab85c4dee6943393eca2eb614d2e21db724ea3ff69
SSDEEP

393216:/zYZDaxJ95F9ejuNQwWNPN1tWLsIjx5Z50vWTWSGJ:/zOa3pcjuGXZMLd3L0v9SGJ

Score

8^/10

spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

release_v4.rar

Resource

win11-20240221-en

spyware stealer

windows11-21h2-x64

13 signatures

1800 seconds

Malware Config

Targets

- Target
  
  release_v4.rar
- Size
  
  15.5MB
- MD5
  
  fd1bf04083511e2f9039adb11f6f0fa2
- SHA1
  
  dc22c2de27239653e90c3c37c59b6c3a2177d10c
- SHA256
  
  ed3cdc71e21e5f846284826f81d9d9abe02d61a8038b80350ea3b7dc843a9b3d
- SHA512
  
  5192f2ace2383716f84f80eca6bf21d3f0c08db5ddf517adf3a7de33cf415a3a7c80b3aa30201538c0769aab85c4dee6943393eca2eb614d2e21db724ea3ff69
- SSDEEP
  
  393216:/zYZDaxJ95F9ejuNQwWNPN1tWLsIjx5Z50vWTWSGJ:/zOa3pcjuGXZMLd3L0v9SGJ
Score

8^/10

spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy