5f119f0992ec733f0233f89781ee52beb8d8d2b4d98c376acaf489b3c2044a27 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

clicker.exe

windows10-2004-x64

7

Sharing

General

Target

clicker.exe
Size

30.0MB
Sample

231117-st6rpsbd2x
MD5

6c6574aec86c4cdc89747800e13e4b56
SHA1

ba4948adc4616e1ed0ac6b161d97ca670b6726d6
SHA256

5f119f0992ec733f0233f89781ee52beb8d8d2b4d98c376acaf489b3c2044a27
SHA512

1930a99267d84a02ae0be767f47168399d5b052f75080b20c694c688743d2b2a21889c6b7db791a49808e1ff6c1849b94bdaff51d2134105fe9b12bd9f836b80
SSDEEP

786432:nooHOW5ud1h/fyVmCyi1UlcAhYXKY6e7wB9nmOXLZKt6r:TZsdjXyVQiqlcAiv6kwvnT

Score

7^/10

pyinstaller

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

clicker.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  clicker.exe
- Size
  
  30.0MB
- MD5
  
  6c6574aec86c4cdc89747800e13e4b56
- SHA1
  
  ba4948adc4616e1ed0ac6b161d97ca670b6726d6
- SHA256
  
  5f119f0992ec733f0233f89781ee52beb8d8d2b4d98c376acaf489b3c2044a27
- SHA512
  
  1930a99267d84a02ae0be767f47168399d5b052f75080b20c694c688743d2b2a21889c6b7db791a49808e1ff6c1849b94bdaff51d2134105fe9b12bd9f836b80
- SSDEEP
  
  786432:nooHOW5ud1h/fyVmCyi1UlcAhYXKY6e7wB9nmOXLZKt6r:TZsdjXyVQiqlcAiv6kwvnT
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy