57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

57732635c4...85.exe

windows7-x64

8

57732635c4...85.exe

windows10-2004-x64

8

Sharing

General

Target

57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285
Size

935KB
Sample

221125-p9xl7adb5x
MD5

e9eebd1b276d2c40cbc8beab44057a39
SHA1

21faa01916ae56ce175a5e37cadb9626244ef5b9
SHA256

57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285
SHA512

cd97573515b4820150d43f17c5ce61ad3afccedead91fe3de80d63cfd05858469925e7e83599c4256db1e449695b81ee1d50e5fa1666c5b381d587365e6cda47
SSDEEP

12288:45Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4:4yHv5Z+Wzv7AiBll0OBWi6si9G

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285
- Size
  
  935KB
- MD5
  
  e9eebd1b276d2c40cbc8beab44057a39
- SHA1
  
  21faa01916ae56ce175a5e37cadb9626244ef5b9
- SHA256
  
  57732635c4b75be998ff937b1fffce2a0bd24197a441e703a3b1038bfd733285
- SHA512
  
  cd97573515b4820150d43f17c5ce61ad3afccedead91fe3de80d63cfd05858469925e7e83599c4256db1e449695b81ee1d50e5fa1666c5b381d587365e6cda47
- SSDEEP
  
  12288:45Yr15f753d5QWIDz/Wz9NCyzHinLipNDJ5eoFb0OZ/WiGaks+HL63S27x4:4yHv5Z+Wzv7AiBll0OBWi6si9G
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy