0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c | Triage

Submit
Reports

Overview

overview

8

Static

static

3

0633c04d5f...6c.exe

windows7-x64

8

0633c04d5f...6c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c
Size

1.8MB
Sample

240630-symjmatcjj
MD5

769c2b3ecaa054c87a9459b5ccd2cf2c
SHA1

3b59308a864643412b6c5fdbc413eabb0a86527a
SHA256

0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c
SHA512

8bbf1eded5be1e3aafb2e301eec019c88bfb6c664599d0b7c94d30ad26ae893954ef265ce6cf8fe566a48dde4ecbc4ef136aed2e1f544273bbfe92bea6726927
SSDEEP

24576:F3vLR2VhZBJ905EmMyPnQxhe4GLwvHYgUBoHyC/hR:F3dUZTHKLAl

Score

8^/10

discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c.exe

Resource

win7-20240611-en

discovery spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c.exe

Resource

win10v2004-20240611-en

discovery spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c
- Size
  
  1.8MB
- MD5
  
  769c2b3ecaa054c87a9459b5ccd2cf2c
- SHA1
  
  3b59308a864643412b6c5fdbc413eabb0a86527a
- SHA256
  
  0633c04d5fc2bcec9a7ec1384f27d6beac9c003ff368e24bab75545922f06b6c
- SHA512
  
  8bbf1eded5be1e3aafb2e301eec019c88bfb6c664599d0b7c94d30ad26ae893954ef265ce6cf8fe566a48dde4ecbc4ef136aed2e1f544273bbfe92bea6726927
- SSDEEP
  
  24576:F3vLR2VhZBJ905EmMyPnQxhe4GLwvHYgUBoHyC/hR:F3dUZTHKLAl
Score

8^/10

discovery spyware stealer
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2025

Terms | Privacy