cc8884209d49144b756c86a3a65385307c06415776863eeec0746438ff8d3e36 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Vega X_94306.exe

windows7-x64

6

Vega X_94306.exe

windows10-2004-x64

8

Resubmissions

30/06/2023, 00:41

230630-a19g3age9t 8

30/06/2023, 00:37

230630-ayfrzaff67 6

Sharing

General

Target

Vega X_94306.exe
Size

8.7MB
Sample

230630-a19g3age9t
MD5

d95304d22479d196942a8e188113884c
SHA1

f9f88c60a21b7348dd4732134862b80eb324be60
SHA256

cc8884209d49144b756c86a3a65385307c06415776863eeec0746438ff8d3e36
SHA512

67ad51defe3912434e6c1e9002027517e30c1ff7ddf6592bef10bb14c232b96a234520d92b6666bb9f6cae74a6caa2bb02b7c6c708925dbdc17782a04eeb472a
SSDEEP

196608:yIIQxYuxFeQFrqNYaG59Fa9FVDNWXVkHo/EZb:rI0PFLrqNYv529PDNs2Ho/EZb

Score

8^/10

discovery persistence spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

Vega X_94306.exe

Resource

win7-20230621-en

windows7-x64

9 signatures

300 seconds

Behavioral task

behavioral2

Sample

Vega X_94306.exe

Resource

win10v2004-20230621-en

discovery persistence spyware stealer upx

windows10-2004-x64

27 signatures

300 seconds

Malware Config

Targets

- Target
  
  Vega X_94306.exe
- Size
  
  8.7MB
- MD5
  
  d95304d22479d196942a8e188113884c
- SHA1
  
  f9f88c60a21b7348dd4732134862b80eb324be60
- SHA256
  
  cc8884209d49144b756c86a3a65385307c06415776863eeec0746438ff8d3e36
- SHA512
  
  67ad51defe3912434e6c1e9002027517e30c1ff7ddf6592bef10bb14c232b96a234520d92b6666bb9f6cae74a6caa2bb02b7c6c708925dbdc17782a04eeb472a
- SSDEEP
  
  196608:yIIQxYuxFeQFrqNYaG59Fa9FVDNWXVkHo/EZb:rI0PFLrqNYv529PDNs2Ho/EZb
Score

8^/10

discovery persistence spyware stealer upx
- Downloads MZ/PE file
- Modifies Installed Components in the registry
  persistence
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistencespywarestealerupx

© 2018-2025

Terms | Privacy