0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

0499d7df40...bf.exe

windows7-x64

8

0499d7df40...bf.exe

windows10-2004-x64

8

Sharing

General

Target

0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf
Size

17.6MB
Sample

221026-2qch5ahfdm
MD5

225bc0288488af176cb9e9cd870bbed4
SHA1

7a1aa113896bb9665ae2f2253d56e54b11e1797d
SHA256

0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf
SHA512

15e46aa7d5e7f94ad35e5bed5c2039dd10298ee3ca3a52040bbfbeddf670031df3b78ac51d7ee5c39af66d7cb32d7b27266be3071b309abc241287dad1715f3f
SSDEEP

393216:VGsxacUdcfF/WB7cJQdk7iG95yfxOwDatwyRViUWA:VGsic987cJiKNTcxOwOtNRVlT

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf
- Size
  
  17.6MB
- MD5
  
  225bc0288488af176cb9e9cd870bbed4
- SHA1
  
  7a1aa113896bb9665ae2f2253d56e54b11e1797d
- SHA256
  
  0499d7df407fe47222db8b2faa8e3ced163ba7282a813a7b3f1982fd6972debf
- SHA512
  
  15e46aa7d5e7f94ad35e5bed5c2039dd10298ee3ca3a52040bbfbeddf670031df3b78ac51d7ee5c39af66d7cb32d7b27266be3071b309abc241287dad1715f3f
- SSDEEP
  
  393216:VGsxacUdcfF/WB7cJQdk7iG95yfxOwDatwyRViUWA:VGsic987cJiKNTcxOwOtNRVlT
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy