e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8

e4c93cb4e9...c5.exe

windows7-x64

e4c93cb4e9...c5.exe

windows10-2004-x64

Sharing

General

Target

e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5
Size

174KB
Sample

221206-yd22gaba8y
MD5

409876e66f0f8b6c97e6075646d835f5
SHA1

39ddb998c8b34d0261d918522bad2707f6fb4437
SHA256

e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5
SHA512

07f788cd47ba8c9f1b8f493a98011a9902189f33bb8f9f459165ce6845f7e759879c442d030e82efccd6584dd4f9252b39f33c0b9e7447a5150e8a03c1fd9204
SSDEEP

3072:Veyqi23Bh+lErnajqac+aXrJ3B1r4qbinmcW9speqVqqhVZslIP:VWRIlEruY9BJ49mR9fqVqqKc

Score

10^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5.exe

Resource

win7-20221111-en

evasion persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5.exe

Resource

win10v2004-20221111-en

evasion persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5
- Size
  
  174KB
- MD5
  
  409876e66f0f8b6c97e6075646d835f5
- SHA1
  
  39ddb998c8b34d0261d918522bad2707f6fb4437
- SHA256
  
  e4c93cb4e905b760b885629aa4a148e904569e1f602284a84a7e7d3446a3d6c5
- SHA512
  
  07f788cd47ba8c9f1b8f493a98011a9902189f33bb8f9f459165ce6845f7e759879c442d030e82efccd6584dd4f9252b39f33c0b9e7447a5150e8a03c1fd9204
- SSDEEP
  
  3072:Veyqi23Bh+lErnajqac+aXrJ3B1r4qbinmcW9speqVqqhVZslIP:VWRIlEruY9BJ49mR9fqVqqKc
Score

10^/10

evasion persistence upx
- Modifies WinLogon for persistence
  persistence
- Disables Task Manager via registry modification
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy