5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

5bebf979dd...b5.exe

windows7-x64

8

5bebf979dd...b5.exe

windows10-2004-x64

8

Sharing

General

Target

5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5
Size

274KB
Sample

221206-afe3qaae65
MD5

c41077f9a6d98fbcff5a0888dfc564d2
SHA1

d58f5f1d79354064712de3b14b5b3930fc2a0f87
SHA256

5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5
SHA512

c896cf994972a49a334b2382ce28996d74bf7a169b5c975daa5943ee5c7d06b7ca283e4db9168a0f6fdbb2fa4859266669b824281693002991d26ac59e907e9e
SSDEEP

6144:DsaocyLCvoSOcbE+3lBIR2gwxwAOjm42c1r8sPYJYHvTWt1Cs:Dtob0MP2gweANBct8qY3ks

Score

8^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5
- Size
  
  274KB
- MD5
  
  c41077f9a6d98fbcff5a0888dfc564d2
- SHA1
  
  d58f5f1d79354064712de3b14b5b3930fc2a0f87
- SHA256
  
  5bebf979dd82efd302b548c79757c05593e851a25d465c8dd4f4e45a09d284b5
- SHA512
  
  c896cf994972a49a334b2382ce28996d74bf7a169b5c975daa5943ee5c7d06b7ca283e4db9168a0f6fdbb2fa4859266669b824281693002991d26ac59e907e9e
- SSDEEP
  
  6144:DsaocyLCvoSOcbE+3lBIR2gwxwAOjm42c1r8sPYJYHvTWt1Cs:Dtob0MP2gweANBct8qY3ks
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy