Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

Fenc_Gener...on.exe

windows7_x64

10

Fenc_Gener...on.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Fenc_General Presentation.exe

  • Size

    447KB

  • Sample

    200709-36ekkxtbpa

  • MD5

    6550d5ad0410e634c7bab8e161fadf88

  • SHA1

    8819193d0ad3e5c5717107aca3920ed283c53e80

  • SHA256

    bd2bf7c79dda8208f9ec0c2199d1ec61058aa43bbe6f8548623444fc143a3aec

  • SHA512

    57eb107f455af652096ea9bef547c90e460216a948883bf70564651d058b039ad62ad4e80c1c52ec15218d58dcb4bb8b2b48830b37bde30962a5c676838bd39c

Score
10/10
evasionpersistencespywaretrojan

Malware Config

Targets

    • Target

      Fenc_General Presentation.exe

    • Size

      447KB

    • MD5

      6550d5ad0410e634c7bab8e161fadf88

    • SHA1

      8819193d0ad3e5c5717107aca3920ed283c53e80

    • SHA256

      bd2bf7c79dda8208f9ec0c2199d1ec61058aa43bbe6f8548623444fc143a3aec

    • SHA512

      57eb107f455af652096ea9bef547c90e460216a948883bf70564651d058b039ad62ad4e80c1c52ec15218d58dcb4bb8b2b48830b37bde30962a5c676838bd39c

    Score
    10/10
    evasiontrojanpersistencespyware

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Adds Run entry to policy start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Adds Run entry to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks