88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

cryptolaemus

windows10-2004-x64

9

cryptolaemus

windows11-21h2-x64

9

Sharing

General

Target

88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd
Size

89KB
Sample

240823-jf22xsvapl
MD5

5832f36b6c3cb6939d3971057e98e472
SHA1

0bbfa48b440b7e4de1e0ce09a1fee1c9ccae7df5
SHA256

88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd
SHA512

550b45b84e906272eef5fb6b0fad2eae90ca0a50ca94e76a0c504e964ad8653b7ff93656ab3507c642c8ee9811f858562caa61f5744a4e18b5c60e95d585693a
SSDEEP

1536:L7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfwxVinO+:Hq6+ouCpk2mpcWJ0r+QNTBfwaR

Score

9^/10

credential_access discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd.exe

Resource

win10v2004-20240802-en

credential_access discovery stealer

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd.exe

Resource

win11-20240802-en

credential_access discovery stealer

windows11-21h2-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd
- Size
  
  89KB
- MD5
  
  5832f36b6c3cb6939d3971057e98e472
- SHA1
  
  0bbfa48b440b7e4de1e0ce09a1fee1c9ccae7df5
- SHA256
  
  88eea96b008746e421344f0ea027f3ef87cb438dfc2b97770f0ec55abb7cefdd
- SHA512
  
  550b45b84e906272eef5fb6b0fad2eae90ca0a50ca94e76a0c504e964ad8653b7ff93656ab3507c642c8ee9811f858562caa61f5744a4e18b5c60e95d585693a
- SSDEEP
  
  1536:L7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfwxVinO+:Hq6+ouCpk2mpcWJ0r+QNTBfwaR
Score

9^/10

credential_access discovery stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverystealer

behavioral2

credential_accessdiscoverystealer

© 2018-2025

Terms | Privacy