27cfb861e0428122c706f757af4a5a6270582eabfaa427af2df74719ed7a65f4 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

Firefox In...1).exe

windows7-x64

7

Firefox In...1).exe

windows10-2004-x64

7

out.exe

windows7-x64

out.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

Firefox Installer (1).exe
Size

363KB
Sample

240813-w339qathln
MD5

6ac29cfa0d706be103a429fb8408a558
SHA1

1a0b6bbfaedf49e477ed3f3a58029759a3711d51
SHA256

27cfb861e0428122c706f757af4a5a6270582eabfaa427af2df74719ed7a65f4
SHA512

44c40ecf473a09b45a87e426d00198c730def1e41a14ce7c25f72256fe1e434bef3b5af87f373f2808fe290d3d016748b41979471212a45b44105cc33da45c74
SSDEEP

6144:8aVWdyzOxeA1DfdwX3MmIOd/3KGGvJHAkisdWWhu2pnr2VaX9sT:8MROxdDfOnMmXdSGGBgc3tnrzsT

Score

7^/10

discovery spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Firefox Installer (1).exe

Resource

win7-20240708-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Firefox Installer (1).exe

Resource

win10v2004-20240802-en

discovery spyware stealer upx

windows10-2004-x64

21 signatures

150 seconds

Behavioral task

behavioral3

Sample

out.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

out.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  Firefox Installer (1).exe
- Size
  
  363KB
- MD5
  
  6ac29cfa0d706be103a429fb8408a558
- SHA1
  
  1a0b6bbfaedf49e477ed3f3a58029759a3711d51
- SHA256
  
  27cfb861e0428122c706f757af4a5a6270582eabfaa427af2df74719ed7a65f4
- SHA512
  
  44c40ecf473a09b45a87e426d00198c730def1e41a14ce7c25f72256fe1e434bef3b5af87f373f2808fe290d3d016748b41979471212a45b44105cc33da45c74
- SSDEEP
  
  6144:8aVWdyzOxeA1DfdwX3MmIOd/3KGGvJHAkisdWWhu2pnr2VaX9sT:8MROxdDfOnMmXdSGGBgc3tnrzsT
Score

7^/10

discovery upx spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  out.upx
- Size
  
  188KB
- MD5
  
  2a779706848199e597315870c4b077d4
- SHA1
  
  48c674022d55ddb45d741c9c901204471ac973c7
- SHA256
  
  d010265be33ead064c15604dcf5e90bf9f0608585eb9a04171294941e14a95a2
- SHA512
  
  b092be4b0276c4fdc95ffa9635ae7be9b7babb0d3aa99bf9b6e17b8d53fc3351b1e0934ffc19639da89e580f028c5e9c38a2e78f84a071ddb546e619cf41889c
- SSDEEP
  
  3072:488bdXF8FtO5dyzEAKZ/hx7c3unn+b09CIWncYodntK+C7VieM3SFZNt9ckP:XsdXFryQfP7nn+b0AvncfdwX3MmIO
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealerupx

behavioral3

behavioral4

© 2018-2025

Terms | Privacy