bf6ed975a4c4f770294623c0c2a27846c1db7e2ab6cdb272cc2080341e7f8c34 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

freedomgpt...up.exe

windows7-x64

7

freedomgpt...up.exe

windows10-2004-x64

7

Sharing

General

Target

freedomgpt-1.1.3.Setup.exe
Size

94.4MB
Sample

230508-bpbbkaac71
MD5

d71e86e91c1523d75ba112f9953d551a
SHA1

8b76138584149289eb771c2ca6fac65e85888b18
SHA256

bf6ed975a4c4f770294623c0c2a27846c1db7e2ab6cdb272cc2080341e7f8c34
SHA512

2d9c811404febcc53b99c34f03f5d0f851a8416a3cf3b18ee27944009868ff6d4abe81ac75beac0ac3e0deed1ebe20e11faaab201d3bda2ce7b1c552865ad670
SSDEEP

1572864:jCgNjVW/qgFGkVyMmi82RP0F4ry9Fq8GWK/O0SzpRTrcxRYTkhQnoYqbDBZj0T:jdWZG0yM/je7qRWK/0lRTrcyBn3gDvjO

Score

7^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

freedomgpt-1.1.3.Setup.exe

Resource

win7-20230220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

freedomgpt-1.1.3.Setup.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  freedomgpt-1.1.3.Setup.exe
- Size
  
  94.4MB
- MD5
  
  d71e86e91c1523d75ba112f9953d551a
- SHA1
  
  8b76138584149289eb771c2ca6fac65e85888b18
- SHA256
  
  bf6ed975a4c4f770294623c0c2a27846c1db7e2ab6cdb272cc2080341e7f8c34
- SHA512
  
  2d9c811404febcc53b99c34f03f5d0f851a8416a3cf3b18ee27944009868ff6d4abe81ac75beac0ac3e0deed1ebe20e11faaab201d3bda2ce7b1c552865ad670
- SSDEEP
  
  1572864:jCgNjVW/qgFGkVyMmi82RP0F4ry9Fq8GWK/O0SzpRTrcxRYTkhQnoYqbDBZj0T:jdWZG0yM/je7qRWK/0lRTrcyBn3gDvjO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy