3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3bc8c8b941...2b.exe

windows7-x64

7

3bc8c8b941...2b.exe

windows10-2004-x64

7

Sharing

General

Target

3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b
Size

1.8MB
Sample

240629-2hptgs1gqn
MD5

03b5f95d0a8792cdb63781aed6c9e521
SHA1

c25073e239c1920e8ec8f9096ff63927cafdc207
SHA256

3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b
SHA512

bbea5d464e92f30a9f273ff2d0eda7a6ff39aa5b070c7af8926bb5786270c9b76676b3def4708063d19450fb61600c7849332d088303e04dde0e91c045f20a30
SSDEEP

49152:Ix5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAxkQ/qoLEw:IvbjVkjjCAzJCqo4w

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b
- Size
  
  1.8MB
- MD5
  
  03b5f95d0a8792cdb63781aed6c9e521
- SHA1
  
  c25073e239c1920e8ec8f9096ff63927cafdc207
- SHA256
  
  3bc8c8b9414b6cd4a2ec00c6a0d4d22584d26fa7fa95e75029b479bee5aed32b
- SHA512
  
  bbea5d464e92f30a9f273ff2d0eda7a6ff39aa5b070c7af8926bb5786270c9b76676b3def4708063d19450fb61600c7849332d088303e04dde0e91c045f20a30
- SSDEEP
  
  49152:Ix5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAxkQ/qoLEw:IvbjVkjjCAzJCqo4w
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy