85e27a1781cf4c5207506a5c2a7df47ab4b79186ffeb2fa6665fb4c2bd50f261 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

PO#5477758...at.exe

windows7_x64

7

PO#5477758...at.exe

windows10_x64

7

Sharing

General

Target

PO#54777587657864.bat
Size

552KB
Sample

200712-tknpnph1dn
MD5

91d19d78b995cb707d82b22825351174
SHA1

466c85478cbaac4e0f13cabcb042fce4476b518c
SHA256

85e27a1781cf4c5207506a5c2a7df47ab4b79186ffeb2fa6665fb4c2bd50f261
SHA512

c919d0d0055e5777af728859488a74872024538231d180c8b24c8ca08af30f2faf34475ad16901191aa5cee5e6df50520d862fd526e81656b35a47e717faa3be

Score

7^/10

persistence spyware

Static task

static1

Behavioral task

behavioral1

Sample

PO#54777587657864.bat.exe

Resource

win7

persistence spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PO#54777587657864.bat.exe

Resource

win10v200430

spyware persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PO#54777587657864.bat
- Size
  
  552KB
- MD5
  
  91d19d78b995cb707d82b22825351174
- SHA1
  
  466c85478cbaac4e0f13cabcb042fce4476b518c
- SHA256
  
  85e27a1781cf4c5207506a5c2a7df47ab4b79186ffeb2fa6665fb4c2bd50f261
- SHA512
  
  c919d0d0055e5777af728859488a74872024538231d180c8b24c8ca08af30f2faf34475ad16901191aa5cee5e6df50520d862fd526e81656b35a47e717faa3be
Score

7^/10

persistence spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run entry to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespyware

behavioral2

spywarepersistence

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.