e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

5

e00ec3523c...cc.exe

windows7-x64

9

e00ec3523c...cc.exe

windows10-2004-x64

9

Sharing

General

Target

e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc
Size

896KB
Sample

240906-qee94aydrf
MD5

9720060a0108d1a36b6f051e31353414
SHA1

b76f37758bddb8c2c42a640c4ebf395fb48b4375
SHA256

e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc
SHA512

7b649c39156361dedb9bb060052aaa04163ad18c2751bbb489a3226eca77c4048409ca94a4c8942d5d840b5085376fcd41b7252e1a9eec9c983b90939f70bd51
SSDEEP

12288:9qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgarTa:9qDEvCTbMWu7rQYlBQcBiT6rprG8ava

Score

9^/10

credential_access discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc.exe

Resource

win7-20240729-en

credential_access discovery stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc.exe

Resource

win10v2004-20240802-en

credential_access discovery stealer

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc
- Size
  
  896KB
- MD5
  
  9720060a0108d1a36b6f051e31353414
- SHA1
  
  b76f37758bddb8c2c42a640c4ebf395fb48b4375
- SHA256
  
  e00ec3523cb3f1729f64dc91a3f37b9db418b0a48f8c3a50eaf4f5a064ce28cc
- SHA512
  
  7b649c39156361dedb9bb060052aaa04163ad18c2751bbb489a3226eca77c4048409ca94a4c8942d5d840b5085376fcd41b7252e1a9eec9c983b90939f70bd51
- SSDEEP
  
  12288:9qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgarTa:9qDEvCTbMWu7rQYlBQcBiT6rprG8ava
Score

9^/10

credential_access discovery stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverystealer

behavioral2

credential_accessdiscoverystealer

© 2018-2025

Terms | Privacy