5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5ebc4e803b...ec.exe

windows7-x64

7

5ebc4e803b...ec.exe

windows10-2004-x64

7

Sharing

General

Target

5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec
Size

1.8MB
Sample

240429-mbxs7agb93
MD5

a19ef8cf8f99826a81eb25129ef98c02
SHA1

6b9aaa976b25d7dbf9feb020e8e451e382902cd6
SHA256

5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec
SHA512

f63e5d59a640eb40184a771c03fe83128a228eecaadd5845ebcb70e6b77aae89aca2330ab33da5038371da74a9787f0dd4da1bf3bd47c4b4254f8cf40586c8d2
SSDEEP

49152:Ex5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAhkQ/qoLEw:EvbjVkjjCAzJ2qo4w

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec.exe

Resource

win7-20231129-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec.exe

Resource

win10v2004-20240419-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec
- Size
  
  1.8MB
- MD5
  
  a19ef8cf8f99826a81eb25129ef98c02
- SHA1
  
  6b9aaa976b25d7dbf9feb020e8e451e382902cd6
- SHA256
  
  5ebc4e803b2fe6e6b49bb9dd66771a8cd1523de8610ac2fb6ea3629dd7648dec
- SHA512
  
  f63e5d59a640eb40184a771c03fe83128a228eecaadd5845ebcb70e6b77aae89aca2330ab33da5038371da74a9787f0dd4da1bf3bd47c4b4254f8cf40586c8d2
- SSDEEP
  
  49152:Ex5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAhkQ/qoLEw:EvbjVkjjCAzJ2qo4w
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy