c2bb4e8d87a8cfea7b76b171cf3f87277e2a872df23b9fa31909bfb2d5fe87c3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

CV7Setup.exe

windows7-x64

8

CV7Setup.exe

windows10-2004-x64

8

Sharing

General

Target

CV7Setup.exe
Size

59.2MB
Sample

230131-en6mvsee69
MD5

e6a27a637fd827930f97f5de0659e888
SHA1

00ba2f84b8831cefde7470a5730515171eb302a2
SHA256

c2bb4e8d87a8cfea7b76b171cf3f87277e2a872df23b9fa31909bfb2d5fe87c3
SHA512

31c74bc0fdfa4740c3046667648a54604138982fedbe6b4cd72a2335c257c4198bda3e826c1065f1d1e7de9e7c3d6e90d37999a5b948670fa87db517879b3c48
SSDEEP

1572864:LOx54X+LYP+/mm/kAQ9GQ/KfyLhsL9BFh3LfnMYMmmj:LdXBmem/kAe3OyNsL9BFlLMY2j

Score

8^/10

discovery evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

CV7Setup.exe

Resource

win7-20221111-en

discovery evasion persistence

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

CV7Setup.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  CV7Setup.exe
- Size
  
  59.2MB
- MD5
  
  e6a27a637fd827930f97f5de0659e888
- SHA1
  
  00ba2f84b8831cefde7470a5730515171eb302a2
- SHA256
  
  c2bb4e8d87a8cfea7b76b171cf3f87277e2a872df23b9fa31909bfb2d5fe87c3
- SHA512
  
  31c74bc0fdfa4740c3046667648a54604138982fedbe6b4cd72a2335c257c4198bda3e826c1065f1d1e7de9e7c3d6e90d37999a5b948670fa87db517879b3c48
- SSDEEP
  
  1572864:LOx54X+LYP+/mm/kAQ9GQ/KfyLhsL9BFh3LfnMYMmmj:LdXBmem/kAe3OyNsL9BFlLMY2j
Score

8^/10

discovery evasion persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

© 2018-2025

Terms | Privacy