2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

8

2699c2f79d...f8.exe

windows7-x64

9

2699c2f79d...f8.exe

windows10-2004-x64

9

Sharing

General

Target

2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8
Size

1.9MB
Sample

221125-n26z8aaa5v
MD5

a321021b6ce5b4d21e091f7e2987a789
SHA1

b84097a32f6d91293673f1378ced247e7235ce5c
SHA256

2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8
SHA512

f25774fe69c9717d3a1a0d9e0f8f9fc4f761e1abc1670aafcbd3899c37d4710000128c2dbe1ce4fd2783c4a4996dfe982ae6f0270ba7218a6775d6c2f57806fb
SSDEEP

49152:zFPtJoxE+gzbh/61PMDOt1881FJAj7aP0MggW/ceS8FCwtfdUCf0YFb:z32gzbB61PMqt281FJAj7aP0Mg7/ceSI

Score

9^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8.exe

Resource

win7-20221111-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8
- Size
  
  1.9MB
- MD5
  
  a321021b6ce5b4d21e091f7e2987a789
- SHA1
  
  b84097a32f6d91293673f1378ced247e7235ce5c
- SHA256
  
  2699c2f79da94ce9238b513a2286a3c990dae7f4dd4a41f66dc4853891f59df8
- SHA512
  
  f25774fe69c9717d3a1a0d9e0f8f9fc4f761e1abc1670aafcbd3899c37d4710000128c2dbe1ce4fd2783c4a4996dfe982ae6f0270ba7218a6775d6c2f57806fb
- SSDEEP
  
  49152:zFPtJoxE+gzbh/61PMDOt1881FJAj7aP0MggW/ceS8FCwtfdUCf0YFb:z32gzbB61PMqt281FJAj7aP0Mg7/ceSI
Score

9^/10

upx persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy