3f42f790858198e03837b398158793a1efa302d206531d36563f691e07884c56 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

LiquidLaun...US.msi

windows10-1703-x64

8

Sharing

General

Target

LiquidLauncher_0.1.3_x64_en-US.msi
Size

5.7MB
Sample

230204-zghbxahh2y
MD5

bd037e53455ee38853fb0daa44b70248
SHA1

70cdd0853263ffde758dbe6abb4e8806305446c8
SHA256

3f42f790858198e03837b398158793a1efa302d206531d36563f691e07884c56
SHA512

681845d827e5ce4eb4eb20bf17398aa3b7710de63606ce7ee40980e55b2048c9a965720d212877447c2b738820e32f53bb45ad585d26c620ba088fd723725bc6
SSDEEP

98304:jSH0FB6EPUWIhGwJiNdtqjHlv5Ge1e8Pp3LLm9nITlJG6PRkYP5u8DkD6rcdc:C0vzPUWkKi7l5d48B7LynITG6P+R8Dqu

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

LiquidLauncher_0.1.3_x64_en-US.msi

Resource

win10-20220812-en

discovery persistence

windows10-1703-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  LiquidLauncher_0.1.3_x64_en-US.msi
- Size
  
  5.7MB
- MD5
  
  bd037e53455ee38853fb0daa44b70248
- SHA1
  
  70cdd0853263ffde758dbe6abb4e8806305446c8
- SHA256
  
  3f42f790858198e03837b398158793a1efa302d206531d36563f691e07884c56
- SHA512
  
  681845d827e5ce4eb4eb20bf17398aa3b7710de63606ce7ee40980e55b2048c9a965720d212877447c2b738820e32f53bb45ad585d26c620ba088fd723725bc6
- SSDEEP
  
  98304:jSH0FB6EPUWIhGwJiNdtqjHlv5Ge1e8Pp3LLm9nITlJG6PRkYP5u8DkD6rcdc:C0vzPUWkKi7l5d48B7LynITG6P+R8Dqu
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Downloads MZ/PE file
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2025

Terms | Privacy