c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

c88d9f6269...88.exe

windows7-x64

8

c88d9f6269...88.exe

windows10-2004-x64

8

Sharing

General

Target

c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888
Size

1.6MB
Sample

221127-pb6r7sfd74
MD5

c5845949f95c5b713b9a76d5211c835f
SHA1

71c49204f8666bd2d54daf8bd0eabe0a4b145de7
SHA256

c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888
SHA512

35efa487ab280bb1a1e364f2a62c71ea37137a079df4b1c204acaa3e9706e13ae5d07065182fe71118152edb96ba0fe7424c0ad705c2f0341754f6b8c6549bad
SSDEEP

24576:W+zHdFeYR0iGkwFgc6BQSmtl0UrQbchemdY2GDMCbItNWf:WgW0AYySY0A3dYDA1tNWf

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888
- Size
  
  1.6MB
- MD5
  
  c5845949f95c5b713b9a76d5211c835f
- SHA1
  
  71c49204f8666bd2d54daf8bd0eabe0a4b145de7
- SHA256
  
  c88d9f626900863fb95cced727ec8d203537f1744242f482c6024750185e5888
- SHA512
  
  35efa487ab280bb1a1e364f2a62c71ea37137a079df4b1c204acaa3e9706e13ae5d07065182fe71118152edb96ba0fe7424c0ad705c2f0341754f6b8c6549bad
- SSDEEP
  
  24576:W+zHdFeYR0iGkwFgc6BQSmtl0UrQbchemdY2GDMCbItNWf:WgW0AYySY0A3dYDA1tNWf
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy