af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

af35e1320e...45.exe

windows7-x64

8

af35e1320e...45.exe

windows10-2004-x64

8

Sharing

General

Target

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
Size

794KB
Sample

221204-psxkvsde9s
MD5

157e766b6f202406bd8e661ad0a364c2
SHA1

bc97249ce6488ac0ae81e4b3f70df9de1ca9e94f
SHA256

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
SHA512

bfa0e69e0fb896f181e460b777cb759999153d43e4c4a8580991f3c8504e59da8462e022f3a947ae83dd7f7ba1480fb070908891f6342e3c50e3b047ee0341b9
SSDEEP

12288:sR2f18iuLtvWrXbKOte4DEV/AEgHxir2bXlYviTUoiTJBfXJmUX9Yer9zgDO:N8nJvZMF4dgHxTXlYsUzBJmUXW2mDO

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545.exe

Resource

win7-20221111-en

discovery evasion persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545.exe

Resource

win10v2004-20221111-en

discovery evasion persistence trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
- Size
  
  794KB
- MD5
  
  157e766b6f202406bd8e661ad0a364c2
- SHA1
  
  bc97249ce6488ac0ae81e4b3f70df9de1ca9e94f
- SHA256
  
  af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
- SHA512
  
  bfa0e69e0fb896f181e460b777cb759999153d43e4c4a8580991f3c8504e59da8462e022f3a947ae83dd7f7ba1480fb070908891f6342e3c50e3b047ee0341b9
- SSDEEP
  
  12288:sR2f18iuLtvWrXbKOte4DEV/AEgHxir2bXlYviTUoiTJBfXJmUX9Yer9zgDO:N8nJvZMF4dgHxTXlYsUzBJmUXW2mDO
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.