2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

winprofile

windows7-x64

9

winprofile

windows10-1703-x64

9

Sharing

General

Target

2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928
Size

2KB
Sample

240909-fn4zpssgpk
MD5

74b11b2ced42657dac71e2bc9d3bdb3e
SHA1

6ed8eb346f88fa603a0fd6fc5c7564491f7b44bd
SHA256

2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928
SHA512

85afe0d2f15c198a84546ca50ae3e0b07a1e4fb4d9bc0d4cc59ae2ca2335a1ff146be4158479cdd7f9a595e9c8bb6bbed6819c6aec8b4cbeb1444188dd6dc526

Score

10^/10

credential_access discovery execution stealer

Static task

static1

Behavioral task

behavioral1

Sample

2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928.ps1

Resource

win7-20240903-en

credential_access discovery execution stealer

windows7-x64

12 signatures

300 seconds

Behavioral task

behavioral2

Sample

2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928.ps1

Resource

win10-20240404-en

credential_access discovery execution stealer

windows10-1703-x64

15 signatures

300 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd

Targets

- Target
  
  2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928
- Size
  
  2KB
- MD5
  
  74b11b2ced42657dac71e2bc9d3bdb3e
- SHA1
  
  6ed8eb346f88fa603a0fd6fc5c7564491f7b44bd
- SHA256
  
  2cee09ed857190b86fb172149b110ef981b07da7cda52f2c0b71dee7d1676928
- SHA512
  
  85afe0d2f15c198a84546ca50ae3e0b07a1e4fb4d9bc0d4cc59ae2ca2335a1ff146be4158479cdd7f9a595e9c8bb6bbed6819c6aec8b4cbeb1444188dd6dc526
Score

9^/10

credential_access discovery execution stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoveryexecutionstealer

behavioral2

credential_accessdiscoveryexecutionstealer

© 2018-2025

Terms | Privacy