f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

cryptolaemus

windows10-2004-x64

7

cryptolaemus

windows11-21h2-x64

9

Sharing

General

Target

f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22
Size

89KB
Sample

240903-d4appaxdkf
MD5

b2af489674663ab31c25a2879013c94c
SHA1

858961e2b4eaaf1b22a3f91b4a3148eadd324a6f
SHA256

f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22
SHA512

005cc879231854d3a9f8cb6c6ca8777b69c0e07f1941242e639fecbffd289cc156bcbb65586db2188100dfbb87a7aec06d28cfd49f511333c20d03f60ef68485
SSDEEP

1536:L7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfrxOdPO+:Hq6+ouCpk2mpcWJ0r+QNTBfrG

Score

9^/10

credential_access discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22.exe

Resource

win11-20240802-en

credential_access discovery stealer

windows11-21h2-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22
- Size
  
  89KB
- MD5
  
  b2af489674663ab31c25a2879013c94c
- SHA1
  
  858961e2b4eaaf1b22a3f91b4a3148eadd324a6f
- SHA256
  
  f754964e65f52f83f1dfde2ed8ecd124d3afbb380525a61bade2081295e0ab22
- SHA512
  
  005cc879231854d3a9f8cb6c6ca8777b69c0e07f1941242e639fecbffd289cc156bcbb65586db2188100dfbb87a7aec06d28cfd49f511333c20d03f60ef68485
- SSDEEP
  
  1536:L7fPGykbOqjoHm4pICdfkLtAfupcWX50MxFY+yIOlnToIfrxOdPO+:Hq6+ouCpk2mpcWJ0r+QNTBfrG
Score

9^/10

discovery credential_access stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

credential_accessdiscoverystealer

© 2018-2025

Terms | Privacy