3b39950dac6f7381acf848cfcdc2320b93e7797242a906563e8e6f0d5dfca40e | Triage

Submit
Reports

Overview

overview

9

Static

static

7

hwi_806.zip

windows11-21h2-x64

9

HWiNFO32.exe

windows11-21h2-x64

7

HWiNFO64.exe

windows11-21h2-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

hwi_806.zip
Size

11.9MB
Sample

240808-t135tswcqn
MD5

a2b38729336cb891a6d476a46d6ab48a
SHA1

59726810921834583942d61338e2eb58788629d2
SHA256

3b39950dac6f7381acf848cfcdc2320b93e7797242a906563e8e6f0d5dfca40e
SHA512

4fb182b35ba1bc916dab0bbeab144a41fc70fa2fffeb22643f012172cd56cd3f7a43aafdfd17eb6d4e86beb4883250578e066fdefd88187beffdb191ca36c279
SSDEEP

196608:SBjJU+UWuxylXlVwnUft9+YChNkqrrhzCl3/7ADOy+i+/TW/aux3t/VlCmcNe:4jS+UWAylXLwnif+9hNk4FzCl3TAOyx1

Score

9^/10

credential_access discovery stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

hwi_806.zip

Resource

win11-20240802-en

credential_access discovery stealer

windows11-21h2-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

HWiNFO32.exe

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

HWiNFO64.exe

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  hwi_806.zip
- Size
  
  11.9MB
- MD5
  
  a2b38729336cb891a6d476a46d6ab48a
- SHA1
  
  59726810921834583942d61338e2eb58788629d2
- SHA256
  
  3b39950dac6f7381acf848cfcdc2320b93e7797242a906563e8e6f0d5dfca40e
- SHA512
  
  4fb182b35ba1bc916dab0bbeab144a41fc70fa2fffeb22643f012172cd56cd3f7a43aafdfd17eb6d4e86beb4883250578e066fdefd88187beffdb191ca36c279
- SSDEEP
  
  196608:SBjJU+UWuxylXlVwnUft9+YChNkqrrhzCl3/7ADOy+i+/TW/aux3t/VlCmcNe:4jS+UWAylXLwnif+9hNk4FzCl3TAOyx1
Score

9^/10

credential_access discovery stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
behavioral1
- Target
  
  HWiNFO32.exe
- Size
  
  3.1MB
- MD5
  
  250d747878b6a3fbcc87a4cf79aaa3c4
- SHA1
  
  d8d544f4d3b6a6061e9cbf710cc7fa848e2fca11
- SHA256
  
  943d41603faba953510e35237e94444d33dbbca2ba1bf20d5cf6e8fe966d40a8
- SHA512
  
  431ec59b75c2c1495be80c89112d8ece8cb9d409862ba7c5dc0b72a446c44583e7126828b2008707eaa015e07f749423ee2630e004b87e30650614e40b2d05c5
- SSDEEP
  
  49152:9Gzu24lsYdejubSUdJLC5lB9dyD8AtJ16ZQxKGAPeso9pAqwXHhPomaFHDrib:324aYdgutdQBlS4ZiX4eso9kHhQhpQ
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral2
- Target
  
  HWiNFO64.exe
- Size
  
  9.0MB
- MD5
  
  537eb6663d32749aa6d7ae90c8db6e4c
- SHA1
  
  fc27c5a1c87224fd10a1f8816a8ff7429e85933e
- SHA256
  
  3828ab874ff0acd87cb6596a72cb731d53f054a07ebb2e18bde2af4978543a03
- SHA512
  
  ef6f6479e70de358697a1c82e30d800fcbde7dc464679561a55f90ecabc0063c8dd1686e2d6f26232d92b57d2ba777e903764d29d5cf87ad25d47fd8fa7bca87
- SSDEEP
  
  196608:NOzWR3he2KfHCSZ5OTYRlL7EJM0wGKNTIdW2ltnhjP8smpK:NOzWRe/fHCwITYRln2M09OI02lgs5
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverystealer

behavioral2

behavioral3

© 2018-2025

Terms | Privacy