22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

22ba67deee...0a.exe

windows7-x64

1

22ba67deee...0a.exe

windows10-2004-x64

7

Sharing

General

Target

22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a
Size

1.7MB
Sample

240410-skza9sce32
MD5

8b8d0fde81c5eff9aa23ccf61a4d9940
SHA1

832b90f739bd265b1b5e03bf67d0e2af411acf24
SHA256

22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a
SHA512

bfd5d8388a455bf8f07cb643639618806ceb6acebcaf2990b69fbdfc01d9f0c133a1740b1b57f611fc01f81075ccc74460b6e23cbbcac3fa42e1f6be32abc336
SSDEEP

12288:RF7nYaFffH7nF65PYS7cNHV1GHBbXc3ydRCYeeSIwCmo7JmJVFT:fP0TcmBbM3+hebdf

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a
- Size
  
  1.7MB
- MD5
  
  8b8d0fde81c5eff9aa23ccf61a4d9940
- SHA1
  
  832b90f739bd265b1b5e03bf67d0e2af411acf24
- SHA256
  
  22ba67deee2d61707e126c3a09dc57bf86388a82b847a2366ac53114ff10630a
- SHA512
  
  bfd5d8388a455bf8f07cb643639618806ceb6acebcaf2990b69fbdfc01d9f0c133a1740b1b57f611fc01f81075ccc74460b6e23cbbcac3fa42e1f6be32abc336
- SSDEEP
  
  12288:RF7nYaFffH7nF65PYS7cNHV1GHBbXc3ydRCYeeSIwCmo7JmJVFT:fP0TcmBbM3+hebdf
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy