192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

192b5598be...01.exe

windows7-x64

8

192b5598be...01.exe

windows10-2004-x64

8

Sharing

General

Target

192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01
Size

942KB
Sample

221011-q3nldagda5
MD5

5c307fd21348042654653461ab670190
SHA1

c2b3df2d371d205b5fc20bfb04f3cab81685bd36
SHA256

192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01
SHA512

76f713d8af6a2c1777815ebe9f72989efe705d67229cb82e5aad3f7af75a4edcba1b029bfd36927f6c748f6f2c9775432bc30e5086b86ed170cdf3529884fc11
SSDEEP

12288:haEdy36sdyaobSduZ53nvrKzQMZs8uJTSggr2kab+YUGoRaKSYRvGHzpa9IOMUd:qtyZSdyvuzXZGJTarCUPR0SZ9INUd

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01.exe

Resource

win7-20220812-en

discovery evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01.exe

Resource

win10v2004-20220812-en

discovery evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01
- Size
  
  942KB
- MD5
  
  5c307fd21348042654653461ab670190
- SHA1
  
  c2b3df2d371d205b5fc20bfb04f3cab81685bd36
- SHA256
  
  192b5598bee9ffe1972e5255c6f0a52809f75d59818d687942d52f7a15b05f01
- SHA512
  
  76f713d8af6a2c1777815ebe9f72989efe705d67229cb82e5aad3f7af75a4edcba1b029bfd36927f6c748f6f2c9775432bc30e5086b86ed170cdf3529884fc11
- SSDEEP
  
  12288:haEdy36sdyaobSduZ53nvrKzQMZs8uJTSggr2kab+YUGoRaKSYRvGHzpa9IOMUd:qtyZSdyvuzXZGJTarCUPR0SZ9INUd
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy