6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6125bd4c2b...0d.exe

windows7-x64

8

6125bd4c2b...0d.exe

windows10-2004-x64

8

Sharing

General

Target

6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d
Size

218KB
Sample

221201-3ey4esfa51
MD5

35f7d8fab7f9122b6990b2972c63a6c7
SHA1

4fc7713c4c370ff0bdaa79614138b754859bca5a
SHA256

6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d
SHA512

7ccb7976cda96394ca3102e596319b93c9a881e1447d52aa0c2ae61dd048a1be30ee5da0a1548bbc61a6c5a20986f4d7016c8dd2d489751ec46a0d9a5c5ee3aa
SSDEEP

3072:SpRFOXcNXzMWAKl8HCZ5eqq1d0mG1yGTtS8U2wtSByxybzWRVOO5/WgjE00kaA20:SpRK2jR8ij9gd07XSZUvyJjE0CA2j

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d
- Size
  
  218KB
- MD5
  
  35f7d8fab7f9122b6990b2972c63a6c7
- SHA1
  
  4fc7713c4c370ff0bdaa79614138b754859bca5a
- SHA256
  
  6125bd4c2b73c5f367de3ed7748dbbe5b178316c0106d9ee2431c65de053960d
- SHA512
  
  7ccb7976cda96394ca3102e596319b93c9a881e1447d52aa0c2ae61dd048a1be30ee5da0a1548bbc61a6c5a20986f4d7016c8dd2d489751ec46a0d9a5c5ee3aa
- SSDEEP
  
  3072:SpRFOXcNXzMWAKl8HCZ5eqq1d0mG1yGTtS8U2wtSByxybzWRVOO5/WgjE00kaA20:SpRK2jR8ij9gd07XSZUvyJjE0CA2j
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy