eeee2b0a6ad1c7e4614fed4dfbe58b63776f6a3a6758267b5a976b4dc4315f48 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

wireguard-...er.exe

windows10-2004-x64

6

Sharing

General

Target

wireguard-installer.exe
Size

85KB
Sample

230705-xv7gvagg9v
MD5

1cf9257c07936d7fbf508dc113e9b6d5
SHA1

324f8a1f0779fe42baabc544bc7f6814a3d150ca
SHA256

eeee2b0a6ad1c7e4614fed4dfbe58b63776f6a3a6758267b5a976b4dc4315f48
SHA512

081fa75e73138fb403aa01cb09f3051b7ee6954ab0a15366016cabe873d7a64f8374c85d9bcdf068fa019930419c818d102063983a5547ae5107773fe25e5c12
SSDEEP

1536:+UD86+VKgtoNMJiYkiW2yF4q/4i98+ayxpF0Kxn+7ygK/fM:RwlJnsiJyrQi98+ay+KqK/k

Score

6^/10

Static task

static1

Behavioral task

behavioral1

Sample

wireguard-installer.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

24 signatures

600 seconds

Malware Config

Targets

- Target
  
  wireguard-installer.exe
- Size
  
  85KB
- MD5
  
  1cf9257c07936d7fbf508dc113e9b6d5
- SHA1
  
  324f8a1f0779fe42baabc544bc7f6814a3d150ca
- SHA256
  
  eeee2b0a6ad1c7e4614fed4dfbe58b63776f6a3a6758267b5a976b4dc4315f48
- SHA512
  
  081fa75e73138fb403aa01cb09f3051b7ee6954ab0a15366016cabe873d7a64f8374c85d9bcdf068fa019930419c818d102063983a5547ae5107773fe25e5c12
- SSDEEP
  
  1536:+UD86+VKgtoNMJiYkiW2yF4q/4i98+ayxpF0Kxn+7ygK/fM:RwlJnsiJyrQi98+ay+KqK/k
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy