82457c5306c5e3b5a3a3dbd99c473eae245f95f4b91575b2c7704edcf04eb384 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Device/Har...er.exe

windows7-x64

8

Device/Har...er.exe

windows10-2004-x64

8

Sharing

General

Target

UVUpdater.exe
Size

3.3MB
Sample

230706-jcp8yshe28
MD5

35b4dac81a4e9700cb6cbf01aaaccc0f
SHA1

1f392fcb57445817767cde2c8cc6989e2613e907
SHA256

82457c5306c5e3b5a3a3dbd99c473eae245f95f4b91575b2c7704edcf04eb384
SHA512

13b8269b03fc6e31ba7ac59af7ae0745aa392860ad03b17e88bb9766aa84a8e93267442f68194a095a52d0472d03d7d31363c2f3ed2c0a23f852084c17e8324b
SSDEEP

49152:Icfdrg2PioquqH+ZmipqxkD9jOk27lI/uuEvlrrsuFEmuQY7fMVDkT8bpmQxomZG:Icfdra7X33GuBl8G1jyUVQRQXsBwzo

Score

8^/10

discovery evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win7-20230705-en

discovery evasion upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe

Resource

win10v2004-20230703-en

discovery evasion upx

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe
- Size
  
  3.4MB
- MD5
  
  58c7835275c287ffa6aab23500b61ecb
- SHA1
  
  8d4ef999c7755423576bfcfd9092d4976f409c29
- SHA256
  
  81fb1f2231fc1956351a3ad690ffad177b8174f52d51518bd5333e9ce24cb042
- SHA512
  
  788a55c52b6b748e0f330c201a2cd65471265742b35f4672bf8183a338566212e8710bb6603501d6e76eeb7da263abb39bfaa0e1d1024b86212fb1a0d42d5394
- SSDEEP
  
  98304:H5zZ80gsEX+LjH24iPFna6KbgxZiZc7Xmhcf9ViPS:Hf80gsl3WLs6EZI2GFcS
Score

8^/10

discovery evasion upx
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionupx

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy