0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9

0e1854b35c...42.dll

windows7-x64

0e1854b35c...42.dll

windows10-2004-x64

Sharing

General

Target

0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142
Size

111KB
Sample

221203-bk2yqafa2w
MD5

51182c34825c97bb81baf2d0d6057ca0
SHA1

bc2c65c01e70a3d2abc4642131e6333d1ddd8402
SHA256

0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142
SHA512

a7a99af12167b034ab81d9f7b2981e55491a7741e88030d0bd8314c386ac4cbcba5bcc98919e00cc04bc1f1820f0a3755b8a68023290aa4efe5508b93f67d0ac
SSDEEP

1536:ro36xgW6L9+2UOCWMTsU4oFrUcryNQcaruJcijAU18+IW5tCrEVAwGBKuBeEXzjE:qS6L9+XOvMb3UQyvLFjAxzaCbvvnU

Score

10^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142.dll

Resource

win7-20220812-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142
- Size
  
  111KB
- MD5
  
  51182c34825c97bb81baf2d0d6057ca0
- SHA1
  
  bc2c65c01e70a3d2abc4642131e6333d1ddd8402
- SHA256
  
  0e1854b35c39d0207646a0fba8501a71d1ac29ce0b1d98c32323481ec84fc142
- SHA512
  
  a7a99af12167b034ab81d9f7b2981e55491a7741e88030d0bd8314c386ac4cbcba5bcc98919e00cc04bc1f1820f0a3755b8a68023290aa4efe5508b93f67d0ac
- SSDEEP
  
  1536:ro36xgW6L9+2UOCWMTsU4oFrUcryNQcaruJcijAU18+IW5tCrEVAwGBKuBeEXzjE:qS6L9+XOvMb3UQyvLFjAxzaCbvvnU
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy