Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

PDF_Archiv...gi.exe

windows7-x64

7

PDF_Archiv...gi.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PDF_Archivo_AdjuntoBBZVSOQBNPIVQSJzisqhIAHFZ.zip

  • Size

    3.4MB

  • Sample

    230306-nv7m6sbe2v

  • MD5

    474e2725e036699807833c1383240c18

  • SHA1

    34b49495657b8e8a566e460bc68da7498b1b2211

  • SHA256

    95a3af664619ad3299c451425b234fe76559f3c18e7ce5de3dd4638a5b1dbc63

  • SHA512

    067801479e1e79f680c7aa0a01429fcbca2f56345e102b83e68ea26fe1eb465ac173bdc02fd1cdad6935f379373ba2b21da8a50cd04f8d07845e77f161eb7790

  • SSDEEP

    98304:qZYC84JOdGBiPo8ibuIiMEgb/xbDrrDwCmi2oVpFh:kOgkDWb/xbzUMNh

Score
7/10
persistence

Malware Config

Targets

    • Target

      PDF_Archivo_DocumtQVREOIOIZEADFAOuxlgi.exe

    • Size

      297.0MB

    • MD5

      474f7016aef0aea19fc3b6d58cdb4aa4

    • SHA1

      8815b1239cc8ebbdf51f20ef3be67bac6efc253d

    • SHA256

      ac9f497b30b2303beb2f9bdea927175b8832f2fce9607fa4f6b4e7fcc26d4470

    • SHA512

      a98bf7e573caf330f78f5b7ae6f63d74ed426893040c17de5a39cb7c2b37f0a78430f16de2925db4989d68e4ebf1657b6edeeb35926d2469412ebbff1464e719

    • SSDEEP

      98304:se5cjwqxRWOnO9waPi9xqTetpjIhnbq3etZY1OL:secdVnMK9LdINeue

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks