58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8

58b5c6c25f...9b.exe

windows7-x64

58b5c6c25f...9b.exe

windows10-2004-x64

Sharing

General

Target

58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b
Size

298KB
Sample

220919-qf3f1sebej
MD5

13066e92e8a49557d4a31b2d99735ba2
SHA1

9bbfb875199972c7aca96d01be629f38533b0657
SHA256

58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b
SHA512

016b1b6b5dfbdaf166fbb9ea6802c44bf81f1f838ae0fb35150b073d023961e8bca1e81cfea42e20b6dbf292673e9b35b2b06d17fad4258ef0d1870153f8f09d
SSDEEP

6144:EuIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYw:v6Wq4aaE6KwyF5L0Y2D1PqLX

Score

10^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b
- Size
  
  298KB
- MD5
  
  13066e92e8a49557d4a31b2d99735ba2
- SHA1
  
  9bbfb875199972c7aca96d01be629f38533b0657
- SHA256
  
  58b5c6c25f75e4fa1058eae2973b621a18969ee40badb4c2529cf88339a5da9b
- SHA512
  
  016b1b6b5dfbdaf166fbb9ea6802c44bf81f1f838ae0fb35150b073d023961e8bca1e81cfea42e20b6dbf292673e9b35b2b06d17fad4258ef0d1870153f8f09d
- SSDEEP
  
  6144:EuIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYw:v6Wq4aaE6KwyF5L0Y2D1PqLX
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy