warmcookie | f75158de839346c9a029d30fb806cb6b4cefa12cd2eb2fe6b58703e91261c27a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

sdugui.exe

windows7-x64

sdugui.exe

windows10-2004-x64

Sharing

General

Target

sdugui.exe
Size

4.3MB
Sample

241210-bb275aspfp
MD5

df396cf675609c231fa1a10db500a580
SHA1

650ebb9a215dd32d170030bab5f0c146fcb8728b
SHA256

f75158de839346c9a029d30fb806cb6b4cefa12cd2eb2fe6b58703e91261c27a
SHA512

a0898ce8ebf4521e356765ba962b1788c250ba2b5236d8923ed31a7ef95cc8fe03bb19d53db083cbff4665add99199569c42b329bd3d529208f41a150811fc12
SSDEEP

98304:hd+YP3dtWIHT04RKrWavmJa9bVu0VLGMb5Cx0taAUgLdpq+Xvna9k7VoiX996KcK:hhP3/WIw3+aNVu0VLGMb5Cx0taAUgLdD

Score

10^/10

warmcookie backdoor

Static task

static1

Behavioral task

behavioral1

Sample

sdugui.exe

Resource

win7-20240729-en

warmcookie backdoor

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

sdugui.exe

Resource

win10v2004-20241007-en

warmcookie backdoor

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

warmcookie

C2

149.248.7.220

Attributes

mutex
1616f1db-46d4-41cb-8e3d-6472fa64014d
user_agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0

Targets

- Target
  
  sdugui.exe
- Size
  
  4.3MB
- MD5
  
  df396cf675609c231fa1a10db500a580
- SHA1
  
  650ebb9a215dd32d170030bab5f0c146fcb8728b
- SHA256
  
  f75158de839346c9a029d30fb806cb6b4cefa12cd2eb2fe6b58703e91261c27a
- SHA512
  
  a0898ce8ebf4521e356765ba962b1788c250ba2b5236d8923ed31a7ef95cc8fe03bb19d53db083cbff4665add99199569c42b329bd3d529208f41a150811fc12
- SSDEEP
  
  98304:hd+YP3dtWIHT04RKrWavmJa9bVu0VLGMb5Cx0taAUgLdpq+Xvna9k7VoiX996KcK:hhP3/WIw3+aNVu0VLGMb5Cx0taAUgLdD
Score

10^/10

warmcookie backdoor
- Warmcookie family
  warmcookie
- Warmcookie, Badspace
  Warmcookie aka Badspace is a backdoor written in C++.
  backdoor warmcookie
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warmcookiebackdoor

behavioral2

warmcookiebackdoor

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.