9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

9b6d539483...59.exe

windows7-x64

8

9b6d539483...59.exe

windows10-2004-x64

8

Sharing

General

Target

9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59
Size

4.0MB
Sample

221201-kc1v5aaf48
MD5

a9f01eb697acc0e76024d77fcb62a14d
SHA1

8f6b0623d264e68206cd33e5e712453b8277269e
SHA256

9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59
SHA512

2057c1aa58bba04c6ce86745a8ae3c90b6725eb6a4aa237416f1aa65d9bc1bace5136ed24fc87e7d542be36cdd53c21883842bf16c663d7d37854333dcf30823
SSDEEP

98304:1nFy46gTWZMmAbYfSdWAXVjLFvYhcTgr1jLheG:NFH6E05foXVPehcTk1jLhr

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59.exe

Resource

win7-20221111-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59
- Size
  
  4.0MB
- MD5
  
  a9f01eb697acc0e76024d77fcb62a14d
- SHA1
  
  8f6b0623d264e68206cd33e5e712453b8277269e
- SHA256
  
  9b6d5394830b08a9ce69e56878d1abbaa4f5491df5ee067dc3f5e834e543cd59
- SHA512
  
  2057c1aa58bba04c6ce86745a8ae3c90b6725eb6a4aa237416f1aa65d9bc1bace5136ed24fc87e7d542be36cdd53c21883842bf16c663d7d37854333dcf30823
- SSDEEP
  
  98304:1nFy46gTWZMmAbYfSdWAXVjLFvYhcTgr1jLheG:NFH6E05foXVPehcTk1jLhr
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy