Overview
General
-
Target
New folder (4).rar
-
Size
1.1MB
-
Sample
241110-hv96easbml
Behavioral tasks
behavioral1: Sample: New folder (4).rar; Resource: win7-20241010-en
behavioral2: Sample: New folder (4).rar; Resource: win10v2004-20241007-en
behavioral3: Sample: New folder (4)/free robbux/BrowsingHistoryView.exe; Resource: win7-20240903-en
behavioral4: Sample: New folder (4)/free robbux/BrowsingHistoryView.exe; Resource: win10v2004-20241007-en
behavioral5: Sample: New folder (4)/free robbux/ChromeHistoryView.exe; Resource: win7-20240903-en
behavioral6: Sample: New folder (4)/free robbux/ChromeHistoryView.exe; Resource: win10v2004-20241007-en
behavioral7: Sample: out.exe; Resource: win7-20240903-en
behavioral8: Sample: out.exe; Resource: win10v2004-20241007-en
behavioral9: Sample: New folder (4)/free robbux/ChromePass.cfg; Resource: win7-20240903-en
behavioral10: Sample: New folder (4)/free robbux/ChromePass.cfg; Resource: win10v2004-20241007-en
behavioral11: Sample: New folder (4)/free robbux/ChromePass.exe; Resource: win7-20240903-en
behavioral12: Sample: New folder (4)/free robbux/ChromePass.exe; Resource: win10v2004-20241007-en
behavioral13: Sample: New folder (4)/free robbux/OperaPassView.exe; Resource: win7-20240708-en
behavioral14: Sample: New folder (4)/free robbux/OperaPassView.exe; Resource: win10v2004-20241007-en
behavioral15: Sample: out.exe; Resource: win7-20241010-en
behavioral16: Sample: out.exe; Resource: win10v2004-20241007-en
behavioral17: Sample: New folder (4)/free robbux/PasswordFox.cfg; Resource: win7-20241023-en
behavioral18: Sample: New folder (4)/free robbux/PasswordFox.cfg; Resource: win10v2004-20241007-en
behavioral19: Sample: New folder (4)/free robbux/PasswordFox.exe; Resource: win7-20240903-en
behavioral20: Sample: New folder (4)/free robbux/PasswordFox.exe; Resource: win10v2004-20241007-en
behavioral21: Sample: New folder (4)/free robbux/README.md; Resource: win7-20240903-en
behavioral22: Sample: New folder (4)/free robbux/README.md; Resource: win10v2004-20241007-en
behavioral23: Sample: New folder (4)/free robbux/RouterPassView.exe; Resource: win7-20240708-en
behavioral24: Sample: New folder (4)/free robbux/RouterPassView.exe; Resource: win10v2004-20241007-en
behavioral25: Sample: out.exe; Resource: win7-20240903-en
behavioral26: Sample: out.exe; Resource: win10v2004-20241007-en
behavioral27: Sample: New folder (4)/free robbux/SkypeLogView.exe; Resource: win7-20240903-en
behavioral28: Sample: New folder (4)/free robbux/SkypeLogView.exe; Resource: win10v2004-20241007-en
behavioral29: Sample: out.exe; Resource: win7-20241023-en
behavioral30: Sample: out.exe; Resource: win10v2004-20241007-en
behavioral31: Sample: New folder (4)/free robbux/WebBrowserPassView.exe; Resource: win7-20240903-en
Malware Config
Targets
-
-
Target
New folder (4).rar
-
Size
1.1MB
Score
3/10
-
-
Target
New folder (4)/free robbux/BrowsingHistoryView.exe
-
Size
328KB
-
-
-
Target
New folder (4)/free robbux/ChromeHistoryView.exe
-
Size
166KB
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
-
-
Target
out.upx
-
Size
282KB
Score
1/10
-
-
Target
New folder (4)/free robbux/ChromePass.cfg
-
Size
315B
Score
3/10
-
-
Target
New folder (4)/free robbux/ChromePass.exe
-
Size
214KB
-
-
-
Target
New folder (4)/free robbux/OperaPassView.exe
-
Size
39KB
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
-
-
Target
out.upx
-
Size
71KB
Score
1/10
-
-
Target
New folder (4)/free robbux/PasswordFox.cfg
-
Size
612B
Score
3/10
-
-
Target
New folder (4)/free robbux/PasswordFox.exe
-
Size
81KB
-
-
-
Target
New folder (4)/free robbux/README.md
-
Size
467B
Score
3/10
-
-
Target
New folder (4)/free robbux/RouterPassView.exe
-
Size
71KB
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
-
-
Target
out.upx
-
Size
121KB
Score
1/10
-
-
Target
New folder (4)/free robbux/SkypeLogView.exe
-
Size
176KB
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
-
-
Target
out.upx
-
Size
294KB
Score
1/10
-
-
Target
New folder (4)/free robbux/WebBrowserPassView.exe
-
Size
322KB
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)