36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

36b3add1ee...02.exe

windows7-x64

8

36b3add1ee...02.exe

windows10-2004-x64

8

Sharing

General

Target

36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02
Size

199KB
Sample

221106-k76d4affcq
MD5

2cd6a4970a4be157f3acf3358928b3c0
SHA1

64963623cdd6295df1c886a8d277448561d1d962
SHA256

36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02
SHA512

49fc3d6364ef90113b172de933d8f986f95c7315310b5ddf6e55525a9c2e3176a51cdfd97e6bd08ed5563ad918cf575bb45e52f52c5860a8191a5ee87905abff
SSDEEP

3072:B3Hb/JCI5Hh1PR8/+SCSwp0HBSDCfM7OFeBoPM9ArZuih+cUsf:9jwQHrR8/Apm18O8BJ9BihN

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02
- Size
  
  199KB
- MD5
  
  2cd6a4970a4be157f3acf3358928b3c0
- SHA1
  
  64963623cdd6295df1c886a8d277448561d1d962
- SHA256
  
  36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02
- SHA512
  
  49fc3d6364ef90113b172de933d8f986f95c7315310b5ddf6e55525a9c2e3176a51cdfd97e6bd08ed5563ad918cf575bb45e52f52c5860a8191a5ee87905abff
- SSDEEP
  
  3072:B3Hb/JCI5Hh1PR8/+SCSwp0HBSDCfM7OFeBoPM9ArZuih+cUsf:9jwQHrR8/Apm18O8BJ9BihN
Score

8^/10

persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy