955d30c634b0737657cea0a9f325ae94207e4bbc73adcabc3d0a43b91c5ec87b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Screen rec...2.webm

windows10-2004-x64

8

Sharing

General

Target

Screen recording 2023-05-30 19.47.12.webm
Size

35.5MB
Sample

230609-svpjtadd3w
MD5

2fb19e1ba9bee67f541ab21ed1fd2a4b
SHA1

07bf911b858c36231bd1397b5179d4515e93cc36
SHA256

955d30c634b0737657cea0a9f325ae94207e4bbc73adcabc3d0a43b91c5ec87b
SHA512

23128a75abdab76f71d1ab0b9ffe330e6ae8562f2039c5aa9faa80363547851b666012688994f4744a06d431bff14c03e2922834b11da6cb55e32f53e1ff403d
SSDEEP

786432:Mi2LHKRU9AGnfb65hwHxzeCYTnsR4jxCxYZS2PBfj:Mi2LHKRU7e5hwDYTn8YZZb

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

Screen recording 2023-05-30 19.47.12.webm

Resource

win10v2004-20230220-en

discovery persistence

windows10-2004-x64

28 signatures

150 seconds

Malware Config

Targets

- Target
  
  Screen recording 2023-05-30 19.47.12.webm
- Size
  
  35.5MB
- MD5
  
  2fb19e1ba9bee67f541ab21ed1fd2a4b
- SHA1
  
  07bf911b858c36231bd1397b5179d4515e93cc36
- SHA256
  
  955d30c634b0737657cea0a9f325ae94207e4bbc73adcabc3d0a43b91c5ec87b
- SHA512
  
  23128a75abdab76f71d1ab0b9ffe330e6ae8562f2039c5aa9faa80363547851b666012688994f4744a06d431bff14c03e2922834b11da6cb55e32f53e1ff403d
- SSDEEP
  
  786432:Mi2LHKRU9AGnfb65hwHxzeCYTnsR4jxCxYZS2PBfj:Mi2LHKRU7e5hwDYTn8YZZb
Score

8^/10

discovery persistence
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2025

Terms | Privacy