245c243a6b942dba31ab175991ab7adadd6b6fc2039c5f52abf518291323cec7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

ComSoft-Basic-5.exe

windows10-1703-x64

8

Sharing

General

Target

ComSoft-Basic-5.exe
Size

168.7MB
Sample

231121-jpsjvadg61
MD5

6aa07c314dad5828ea92d87ee23c8f5d
SHA1

61a4fa0a9b66ff7cfa933f342f4f33d01cd8b47f
SHA256

245c243a6b942dba31ab175991ab7adadd6b6fc2039c5f52abf518291323cec7
SHA512

1e1e22b6b82b17da6c5073e8ea4370745ceb20bed9f5e9d93bc783208de70aef1a6d1c1cc4386474726cc96fb197d9088fdf1ba0edba4946f63b589e4ce31f3c
SSDEEP

3145728:AhcGV6UyYWyAsohy3uQ4hx+rrna5zijvYjd+qtHXL/TfjXaVZ4A2GjwKH:6R1yYWWD4wna5mgjt7DjXaV7OKH

Score

8^/10

discovery upx

Static task

static1

Behavioral task

behavioral1

Sample

ComSoft-Basic-5.exe

Resource

win10-20231023-de

windows10-1703-x64

22 signatures

300 seconds

Malware Config

Targets

- Target
  
  ComSoft-Basic-5.exe
- Size
  
  168.7MB
- MD5
  
  6aa07c314dad5828ea92d87ee23c8f5d
- SHA1
  
  61a4fa0a9b66ff7cfa933f342f4f33d01cd8b47f
- SHA256
  
  245c243a6b942dba31ab175991ab7adadd6b6fc2039c5f52abf518291323cec7
- SHA512
  
  1e1e22b6b82b17da6c5073e8ea4370745ceb20bed9f5e9d93bc783208de70aef1a6d1c1cc4386474726cc96fb197d9088fdf1ba0edba4946f63b589e4ce31f3c
- SSDEEP
  
  3145728:AhcGV6UyYWyAsohy3uQ4hx+rrna5zijvYjd+qtHXL/TfjXaVZ4A2GjwKH:6R1yYWWD4wna5mgjt7DjXaV7OKH
Score

8^/10

discovery upx
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

SIP and Trust Provider Hijacking

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy