aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

aba61853ac...8d.exe

windows7-x64

8

aba61853ac...8d.exe

windows10-2004-x64

8

Sharing

General

Target

aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d
Size

910KB
Sample

221107-jlnfqaefb3
MD5

478dd117ae9bca91d484e90231d8d901
SHA1

04a8a268322bd9c7ad8d9c31b9373aba0b2829d3
SHA256

aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d
SHA512

74f3ac5819b2e310d2af607e705346be4be6fae46a47a70cd0db6f623a7be4b81d2f5f87c79cb713ec1f23fc6030fc73e6a57e124ce4a23b894cb400368dcff9
SSDEEP

24576:cyRTTrkLsCk2dOagGcOZ3i/utaYZhc1O8x:cyZTEsCkeOaJcw3i/ut5O1Vx

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d.exe

Resource

win7-20220812-en

discovery evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d.exe

Resource

win10v2004-20220812-en

discovery evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d
- Size
  
  910KB
- MD5
  
  478dd117ae9bca91d484e90231d8d901
- SHA1
  
  04a8a268322bd9c7ad8d9c31b9373aba0b2829d3
- SHA256
  
  aba61853ac77c4f5f9707a153e78cf8254c7406b74a231e756d011bbf02d4a8d
- SHA512
  
  74f3ac5819b2e310d2af607e705346be4be6fae46a47a70cd0db6f623a7be4b81d2f5f87c79cb713ec1f23fc6030fc73e6a57e124ce4a23b894cb400368dcff9
- SSDEEP
  
  24576:cyRTTrkLsCk2dOagGcOZ3i/utaYZhc1O8x:cyZTEsCkeOaJcw3i/ut5O1Vx
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy