8a4dc655c2804b9122e7e81ada85c77d9029cbac66ad192aba92001531d0b329 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

KingTransl...up.exe

windows10-2004-x64

7

Sharing

General

Target

KingTranslateSetup.exe
Size

820KB
Sample

240430-2sljtabe82
MD5

ee49cdb5358a2e441f2056cd731ba8e7
SHA1

8241655b45331219e2d450a302869e770ff09977
SHA256

8a4dc655c2804b9122e7e81ada85c77d9029cbac66ad192aba92001531d0b329
SHA512

cf2a4032b7cc569eecf6837e37a02a54c4dc0dc39ce25e7150d63defcef19f08225cd938fc3c602900e4d88dcdf4198ce5d81d9110ec4907078bf55145ca5528
SSDEEP

24576:x0alXh7lPiDR1s0JEIA6OyvB3QLnp6eF6w:xt7Fid1nXAVyvBI56w

Score

7^/10

persistence spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

KingTranslateSetup.exe

Resource

win10v2004-20240419-en

persistence spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  KingTranslateSetup.exe
- Size
  
  820KB
- MD5
  
  ee49cdb5358a2e441f2056cd731ba8e7
- SHA1
  
  8241655b45331219e2d450a302869e770ff09977
- SHA256
  
  8a4dc655c2804b9122e7e81ada85c77d9029cbac66ad192aba92001531d0b329
- SHA512
  
  cf2a4032b7cc569eecf6837e37a02a54c4dc0dc39ce25e7150d63defcef19f08225cd938fc3c602900e4d88dcdf4198ce5d81d9110ec4907078bf55145ca5528
- SSDEEP
  
  24576:x0alXh7lPiDR1s0JEIA6OyvB3QLnp6eF6w:xt7Fid1nXAVyvBI56w
Score

7^/10

persistence spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

© 2018-2025

Terms | Privacy