5d12af1bcac2c14156deada92e22d0dc7872ab548d343d97e7f58d4e4f84a653 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Processo 0...yc.msi

windows7-x64

8

Processo 0...yc.msi

windows10-2004-x64

8

Sharing

General

Target

Documentos_Processo-Ao2urI18eXaUyNMlXqls.zip
Size

21.3MB
Sample

230213-ta325sdf8x
MD5

bd4d01ae0822172704ebcb23b41fc30a
SHA1

58182adf7551e516da26bd6448a0b77bc99091c4
SHA256

5d12af1bcac2c14156deada92e22d0dc7872ab548d343d97e7f58d4e4f84a653
SHA512

6c6e645c403ce9f3916ae949d77500469a56e1de96dd1510d1822ab9f7a469bd126b5c9e87a474c530a9c76b7210f8a27f3a5b3b335687774a5f23e350e3362c
SSDEEP

393216:GOc0PiyPV9gQRsFt4iOci6g2ggeFySfNAou7YMqWV3Mp3pTgH:G9DyPDgE/76gjVo+NANqWWp3iH

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

Processo 09-02-2023 dfyc.msi

Resource

win7-20220812-es

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Processo 09-02-2023 dfyc.msi

Resource

win10v2004-20221111-es

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  Processo 09-02-2023 dfyc.msi
- Size
  
  48.1MB
- MD5
  
  38da942ba4401ee52f663781ddded2ca
- SHA1
  
  b4ae66a99499dd02cc21cb6b3e22463db7fa67f0
- SHA256
  
  9e9dbb8ac378eaf561a1d2ceef411cc3bd0e225f649f9c2de5f7eff05bde54ef
- SHA512
  
  43624f63bcb83534c8f8fb8955dd1b88447ad3f218ce78751cb7863990b8407d9d2669e85354325f8621ede078f8d0cbd228df90a3431e030b25af5364d85e22
- SSDEEP
  
  786432:LVB9oDvwu7MpTmGXKq9QVgglClybzPnrQsdkJQBqm:LH9oDwuopTmGL9OgNyE6Ggqm
Score

8^/10

upx
- Blocklisted process makes network request
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy