cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

cf5daae573...b1.exe

windows7-x64

9

cf5daae573...b1.exe

windows10-2004-x64

9

Sharing

General

Target

cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1
Size

784KB
Sample

221203-pxzk1see7s
MD5

37f9ac0e96468f74805962394b517848
SHA1

65a0a6e164c93ac9a9fbb37468f517a8a5b3bfd2
SHA256

cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1
SHA512

8996d8c5eb85fbaefc9af493fd394c276bd39ee8ef1068ebd0afef5a2d6ed4f51329b490925f1baecad9023ab847c4d9df0e97b27f49543bdd134eaaecc83dd1
SSDEEP

24576:tzYXFB85pZxx9+WPAcsrYdeCEIOzI4+j4el6/IRBe6:yVB85prts+eCEIapY4el6/A

Score

9^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1.exe

Resource

win7-20221111-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1
- Size
  
  784KB
- MD5
  
  37f9ac0e96468f74805962394b517848
- SHA1
  
  65a0a6e164c93ac9a9fbb37468f517a8a5b3bfd2
- SHA256
  
  cf5daae5735476f3cf2d46d7a277f2d57e2d0fe284d7df14a2fe6b31e4adcdb1
- SHA512
  
  8996d8c5eb85fbaefc9af493fd394c276bd39ee8ef1068ebd0afef5a2d6ed4f51329b490925f1baecad9023ab847c4d9df0e97b27f49543bdd134eaaecc83dd1
- SSDEEP
  
  24576:tzYXFB85pZxx9+WPAcsrYdeCEIOzI4+j4el6/IRBe6:yVB85prts+eCEIapY4el6/A
Score

9^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy