3c5d39ecc3d04d7083ecb94b10f70d29a1ceb850b3dfeef7098a858dc2e7fd9e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Secret.exe

windows10-2004-x64

Sharing

General

Target

Secret.exe
Size

140KB
Sample

230323-hmp59sga9v
MD5

2cbd7d533e6c333fe7d9ec98feb29cf1
SHA1

a37fd2cfb5dcc65ba4c3fdf65d5af9bf9e49bbd4
SHA256

3c5d39ecc3d04d7083ecb94b10f70d29a1ceb850b3dfeef7098a858dc2e7fd9e
SHA512

137b3314392472974652a9e251046a27dfe9e816256e75cf95c7ec080d11848465ec90458e1eff4f2c4955d69071ff7499926158e75157594d507a7305273ffb
SSDEEP

3072:u8LcrhCS142TdbjkO5M8hpTPKzCJajPgp:xcrhCl8fXpTi9

Score

10^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

Secret.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Secret.exe
- Size
  
  140KB
- MD5
  
  2cbd7d533e6c333fe7d9ec98feb29cf1
- SHA1
  
  a37fd2cfb5dcc65ba4c3fdf65d5af9bf9e49bbd4
- SHA256
  
  3c5d39ecc3d04d7083ecb94b10f70d29a1ceb850b3dfeef7098a858dc2e7fd9e
- SHA512
  
  137b3314392472974652a9e251046a27dfe9e816256e75cf95c7ec080d11848465ec90458e1eff4f2c4955d69071ff7499926158e75157594d507a7305273ffb
- SSDEEP
  
  3072:u8LcrhCS142TdbjkO5M8hpTPKzCJajPgp:xcrhCl8fXpTi9
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy