dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

dc1ab039a4...4e.exe

windows7-x64

3

dc1ab039a4...4e.exe

windows10-2004-x64

7

Sharing

General

Target

dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e
Size

143KB
Sample

221127-s6s2dada9s
MD5

b701ed818fb6eebef97ba549ea3e6222
SHA1

a8b008ce8c9f9d13b3659d74929261abe0ec81c5
SHA256

dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e
SHA512

2543edca349e8a06d3cd6fe904a963bba500fc0aa514cc3a12a20acc5faa5444eafb17f33475bfd5a6704e7873a74f99f81fa83c114beb98a5ead6c32c93da47
SSDEEP

3072:iN6ZekwVJIlgps5q9Eb648qwlS/+TfQO45DdPT:pe9IB83ID5BPT

Score

7^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e
- Size
  
  143KB
- MD5
  
  b701ed818fb6eebef97ba549ea3e6222
- SHA1
  
  a8b008ce8c9f9d13b3659d74929261abe0ec81c5
- SHA256
  
  dc1ab039a44f72fe847cae5a91d783570398ffd2ca0a5641b89f2a542e7e3d4e
- SHA512
  
  2543edca349e8a06d3cd6fe904a963bba500fc0aa514cc3a12a20acc5faa5444eafb17f33475bfd5a6704e7873a74f99f81fa83c114beb98a5ead6c32c93da47
- SSDEEP
  
  3072:iN6ZekwVJIlgps5q9Eb648qwlS/+TfQO45DdPT:pe9IB83ID5BPT
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy