470d90ec620da317d6365412ec34a411d4ed0b12b90cc02399c5a57ca209a78e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

AccGenerator.exe

windows11-21h2-x64

8

Sharing

General

Target

AccGenerator.zip
Size

12.9MB
Sample

250328-dc3lds1vcs
MD5

ce094a9ef628cd7ba0616d58aec42512
SHA1

bcd7075f77cbd97a6196008f73f1768142c4dc39
SHA256

470d90ec620da317d6365412ec34a411d4ed0b12b90cc02399c5a57ca209a78e
SHA512

1a0231933a0e148742bb3db25108031dc37faaa2a4b7bf3e61e5a884926b5b9f847c5c9b78360afb529d98f016c859bc7b6fda4905df432d222f49bca785b4f7
SSDEEP

393216:sJlxY+2nQJe3JjIPZ4cHU1sMtS/6Ts8+xFJOs3mi:sHxY+8uMJjIPO6MgyQ8+xFrv

Score

8^/10

credential_access discovery pyinstaller stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

AccGenerator.exe

Resource

win11-20250313-en

credential_access discovery stealer

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  AccGenerator.exe
- Size
  
  13.2MB
- MD5
  
  6945d0630139e2d1f6195f8455d36553
- SHA1
  
  fe83987ef7ce5b17a06387d5bb3729803812b8c1
- SHA256
  
  6198793cde7e2f3dc53c62036e300ee46bbefe5956f30ea78c6088c40db1abd9
- SHA512
  
  058de495189967e5129fa395b7be99ba6c5a5bc09d71f1d0f833703317ac17e31786a58d96681e8a6d0272bdb0f07533c493ad91a0ff9af92b8d04915eae32fa
- SSDEEP
  
  393216:BY3aADfDtlpfaMPY9sw3n48A4oLKMiFeER3E3rQ:BY3NbxHf9PcsYApKMkeER
Score

8^/10

credential_access discovery stealer
- Uses browser remote debugging
  Can be used control the browser and steal sensitive information such as credentials and session cookies.
  credential_access stealer
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Modify Authentication Process

Privilege Escalation

Defense Evasion

Modify Authentication Process

Credential Access

Modify Authentication Process

Steal Web Session Cookie

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverystealer

© 2018-2025

Terms | Privacy