196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

196d5ee8ae...05.exe

windows7-x64

7

196d5ee8ae...05.exe

windows10-2004-x64

7

Sharing

General

Target

196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05
Size

199KB
Sample

231001-ex3ybsgh8x
MD5

0390c24c81550e429e89734e3cdc208b
SHA1

2c762955be7147c1335f85b990cf2f0aee06636c
SHA256

196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05
SHA512

bd4313986328394942184363c8807c6a6962f56eb50d6d0590e526247c8dba466c01f744878066ed72ba660a70f28d4696376f24291652caa15ed6aca7d86a68
SSDEEP

6144:rBs27MMLyX5HXXXDTXXXOGqIII+pXXX5AYjKXXXDoXXXG6XXXxXXXLIIIEAkOCOo:rK20HXXX/XXXFqIIIcXXX5j2XXXcXXX1

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05.exe

Resource

win7-20230831-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05
- Size
  
  199KB
- MD5
  
  0390c24c81550e429e89734e3cdc208b
- SHA1
  
  2c762955be7147c1335f85b990cf2f0aee06636c
- SHA256
  
  196d5ee8ae6467ac61f7a9a9ab8e6143fcfaddf7bf9b703206d7bb611e940b05
- SHA512
  
  bd4313986328394942184363c8807c6a6962f56eb50d6d0590e526247c8dba466c01f744878066ed72ba660a70f28d4696376f24291652caa15ed6aca7d86a68
- SSDEEP
  
  6144:rBs27MMLyX5HXXXDTXXXOGqIII+pXXX5AYjKXXXDoXXXG6XXXxXXXLIIIEAkOCOo:rK20HXXX/XXXFqIIIcXXX5j2XXXcXXX1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy