1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

1eea5073c0...3c.exe

windows7-x64

1eea5073c0...3c.exe

windows10-2004-x64

Sharing

General

Target

1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c
Size

11.1MB
Sample

230922-cjrl2adh56
MD5

4edebaf2db8a9692c62283a06ba37cc8
SHA1

ac698b4892c703ab1df30ad3995bef26537771df
SHA256

1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c
SHA512

9c411787cd579ff405c6f4ea863d3354cf9199315951ac04d84cfd06c21efa2dac0a74ea83b61c2cb30e129fdfad41e53008a003e64e7e54588d0404a9121644
SSDEEP

196608:+pjfEMCIgaPQ5sjWwjNvexZtT4gaZD/oStzCX/eu7aVhJnwz0a:+xxxgaPQqO94rD/oSgjaVTwz0

Score

10^/10

evasion trojan upx vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c.exe

Resource

win7-20230831-en

evasion trojan upx vmprotect

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c.exe

Resource

win10v2004-20230915-en

evasion trojan upx vmprotect

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c
- Size
  
  11.1MB
- MD5
  
  4edebaf2db8a9692c62283a06ba37cc8
- SHA1
  
  ac698b4892c703ab1df30ad3995bef26537771df
- SHA256
  
  1eea5073c05f06eb99fc1a0bc1f19a9641037d507dadb6a4620cd875a563c93c
- SHA512
  
  9c411787cd579ff405c6f4ea863d3354cf9199315951ac04d84cfd06c21efa2dac0a74ea83b61c2cb30e129fdfad41e53008a003e64e7e54588d0404a9121644
- SSDEEP
  
  196608:+pjfEMCIgaPQ5sjWwjNvexZtT4gaZD/oStzCX/eu7aVhJnwz0a:+xxxgaPQqO94rD/oSgjaVTwz0
Score

10^/10

evasion trojan upx vmprotect
- UAC bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupxvmprotect

behavioral2

evasiontrojanupxvmprotect

© 2018-2025

Terms | Privacy