95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

95c4ad009a...de.exe

windows7-x64

8

95c4ad009a...de.exe

windows10-2004-x64

8

Sharing

General

Target

95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde
Size

1.0MB
Sample

221001-xj4ltaccen
MD5

74328778f5f7d6c4c35f81ad81ad7900
SHA1

97605e8a1baf22d893cdbb8e2193b4a7736c5e7b
SHA256

95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde
SHA512

0d48a1ab15a3cc19d3df8b2e6f0ae19ea594ea74a5f2cafc82a91a113bb7a9d8ac272a89b835969c8dce8825511cf42597b34024b71de3a4f70a1b3d26192dd3
SSDEEP

24576:g7yk0io2p713b8Kvhk2wj61iryAvSFUy+HQPKh:UMDy71rnF12yAMKT

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde.exe

Resource

win7-20220812-en

discovery evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde.exe

Resource

win10v2004-20220901-en

discovery evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde
- Size
  
  1.0MB
- MD5
  
  74328778f5f7d6c4c35f81ad81ad7900
- SHA1
  
  97605e8a1baf22d893cdbb8e2193b4a7736c5e7b
- SHA256
  
  95c4ad009aa47ce58e2a69dab133af9965702477734d437a06b31ddb36932bde
- SHA512
  
  0d48a1ab15a3cc19d3df8b2e6f0ae19ea594ea74a5f2cafc82a91a113bb7a9d8ac272a89b835969c8dce8825511cf42597b34024b71de3a4f70a1b3d26192dd3
- SSDEEP
  
  24576:g7yk0io2p713b8Kvhk2wj61iryAvSFUy+HQPKh:UMDy71rnF12yAMKT
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Drops startup file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy