28cbe3f77d6cd8fd49bcdf7528b97d8c875f5236bbe03eae614e2009cc562c7c | Triage

Submit
Reports

Overview

overview

8

Static

static

1

gdfdre.txt

windows7-x64

3

gdfdre.txt

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

gdfdre.txt
Size

1KB
Sample

240817-1e6r6a1cmr
MD5

7b97e788b45ddc9c904672c0a5f7336d
SHA1

ea91aa392e8922096fd785f350e634ad71b11274
SHA256

28cbe3f77d6cd8fd49bcdf7528b97d8c875f5236bbe03eae614e2009cc562c7c
SHA512

b1d0704142edb05402834420d1a6485d3576d1475cbd0ec1c4c0b40e79ec703658bdca620b903671b11bad30f9878ee2eae97043ad97a943adca1eb809997f8b

Score

8^/10

discovery pyinstaller spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

gdfdre.txt

Resource

win7-20240704-en

windows7-x64

8 signatures

1800 seconds

Behavioral task

behavioral2

Sample

gdfdre.txt

Resource

win10v2004-20240802-en

discovery pyinstaller spyware stealer

windows10-2004-x64

27 signatures

1800 seconds

Malware Config

Targets

- Target
  
  gdfdre.txt
- Size
  
  1KB
- MD5
  
  7b97e788b45ddc9c904672c0a5f7336d
- SHA1
  
  ea91aa392e8922096fd785f350e634ad71b11274
- SHA256
  
  28cbe3f77d6cd8fd49bcdf7528b97d8c875f5236bbe03eae614e2009cc562c7c
- SHA512
  
  b1d0704142edb05402834420d1a6485d3576d1475cbd0ec1c4c0b40e79ec703658bdca620b903671b11bad30f9878ee2eae97043ad97a943adca1eb809997f8b
Score

8^/10

discovery pyinstaller spyware stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypyinstallerspywarestealer

© 2018-2025

Terms | Privacy