7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7cd3ba0128...69.exe

windows7-x64

8

7cd3ba0128...69.exe

windows10-2004-x64

8

Sharing

General

Target

7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69
Size

35KB
Sample

221030-sycpesgca9
MD5

c1da851c8e63032b39428457c77a79a4
SHA1

0a8376f541f34b2a056abbd789a836e2b8290917
SHA256

7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69
SHA512

feda0a04f3e9e6734274b74939a867b9d823925a44c06a2e86da96e008ff06dbd111480691f3c8a121e4ccc32c2329ff54cd705c7e7c5c283a44f70949a025ee
SSDEEP

768:ymu+DLDXCh85WepiV4vXXuCMD9CWFjv5Nmt7ICTLpE8XuS:y0DLDXChiHy4vXXuCMD9CWFjv5NmICXL

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69
- Size
  
  35KB
- MD5
  
  c1da851c8e63032b39428457c77a79a4
- SHA1
  
  0a8376f541f34b2a056abbd789a836e2b8290917
- SHA256
  
  7cd3ba0128d36bf8f01ab0dcbf2e2d6015c5715b1903f8afa9c2776f89141f69
- SHA512
  
  feda0a04f3e9e6734274b74939a867b9d823925a44c06a2e86da96e008ff06dbd111480691f3c8a121e4ccc32c2329ff54cd705c7e7c5c283a44f70949a025ee
- SSDEEP
  
  768:ymu+DLDXCh85WepiV4vXXuCMD9CWFjv5Nmt7ICTLpE8XuS:y0DLDXChiHy4vXXuCMD9CWFjv5NmICXL
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy