3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8

3ecf06a01a...ae.exe

windows7-x64

3ecf06a01a...ae.exe

windows10-2004-x64

Sharing

General

Target

3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae
Size

298KB
Sample

220919-r78msahdhk
MD5

1e8f0889c59378e310770338bd32ef79
SHA1

7a0737c5b4dce1430f2f56cfaae4a8345ac69d66
SHA256

3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae
SHA512

9326ad541217ee30b568af1d64e79378727f1ad16d9880d90ef05994788cc74e82d6d6b329576240a071d0b6c99bb8780771d3aad244b622b2beec5d117eedf9
SSDEEP

6144:EuIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYh:v6Wq4aaE6KwyF5L0Y2D1PqLg

Score

10^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae
- Size
  
  298KB
- MD5
  
  1e8f0889c59378e310770338bd32ef79
- SHA1
  
  7a0737c5b4dce1430f2f56cfaae4a8345ac69d66
- SHA256
  
  3ecf06a01abb97a4fc4f2a91242d1c8a05386aaec37438178325cf2d3adb0cae
- SHA512
  
  9326ad541217ee30b568af1d64e79378727f1ad16d9880d90ef05994788cc74e82d6d6b329576240a071d0b6c99bb8780771d3aad244b622b2beec5d117eedf9
- SSDEEP
  
  6144:EuIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYh:v6Wq4aaE6KwyF5L0Y2D1PqLg
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy