855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

855d15ca33...97.exe

windows7-x64

8

855d15ca33...97.exe

windows10-2004-x64

8

Sharing

General

Target

855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397
Size

662KB
Sample

221201-r21pzsce6v
MD5

c6b01a57eb53feea05cbab7c1fc39c03
SHA1

2ad9c7719783498514e712e450a0adaf60d09e6d
SHA256

855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397
SHA512

e576d0e5f32662bae817148dad9a7bce43ec971875924286c26c2b7745adec73c63976696545884640c7c8844274215bde3b80f7d692ef55f2914701d12daac7
SSDEEP

12288:4ZoiuvhPq6VHX/wuoVjGFrGzcY7Vr8bBTgF3Z4mxxbgRoM9KkONLha4nfKE:cPuvhy61DFNY7R8bBgQmXbgOoGLPfKE

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397.exe

Resource

win10v2004-20221111-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397
- Size
  
  662KB
- MD5
  
  c6b01a57eb53feea05cbab7c1fc39c03
- SHA1
  
  2ad9c7719783498514e712e450a0adaf60d09e6d
- SHA256
  
  855d15ca33165883c5fcea4389dd2aa08229ded0d6f63442b98d874e9190a397
- SHA512
  
  e576d0e5f32662bae817148dad9a7bce43ec971875924286c26c2b7745adec73c63976696545884640c7c8844274215bde3b80f7d692ef55f2914701d12daac7
- SSDEEP
  
  12288:4ZoiuvhPq6VHX/wuoVjGFrGzcY7Vr8bBTgF3Z4mxxbgRoM9KkONLha4nfKE:cPuvhy61DFNY7R8bBgQmXbgOoGLPfKE
Score

8^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy