07fd6c66a7a9cfc1d67c140c7af9fbe1e842b0377cf1fe8859eff45f9aeee732 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

PHOTO-DRAW...ng.lnk

windows7-x64

3

PHOTO-DRAW...ng.lnk

windows10-2004-x64

8

Sharing

General

Target

PHOTO-DRAWING-234196.png.lnk
Size

3KB
Sample

230414-gs66asaa2y
MD5

6da902f8bd37a322553f8ca8d3578b7a
SHA1

266299e5a1bc0c4c33754e1df85e4b32b29886b7
SHA256

07fd6c66a7a9cfc1d67c140c7af9fbe1e842b0377cf1fe8859eff45f9aeee732
SHA512

64603b1c9bd0342ae62a8980e5fdad04c47e0368276bfc013537d745cd6f8d9133f682f183b0b375cd58fbe42d39961a7be3c89af4a7b8a288fb08986853e69e

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

PHOTO-DRAWING-234196.png.lnk

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

PHOTO-DRAWING-234196.png.lnk

Resource

win10v2004-20230220-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  PHOTO-DRAWING-234196.png.lnk
- Size
  
  3KB
- MD5
  
  6da902f8bd37a322553f8ca8d3578b7a
- SHA1
  
  266299e5a1bc0c4c33754e1df85e4b32b29886b7
- SHA256
  
  07fd6c66a7a9cfc1d67c140c7af9fbe1e842b0377cf1fe8859eff45f9aeee732
- SHA512
  
  64603b1c9bd0342ae62a8980e5fdad04c47e0368276bfc013537d745cd6f8d9133f682f183b0b375cd58fbe42d39961a7be3c89af4a7b8a288fb08986853e69e
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy