48f947f1028e665251875c1ddcbba74e521ec2694a816e365b390689233ca405 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

FabFilter ...le.exe

windows7-x64

7

FabFilter ...le.exe

windows10-2004-x64

8

Resubmissions

22/11/2023, 11:11

231122-narq8acf2z 8

Sharing

General

Target

FabFilter Total Bundle.exe
Size

42.7MB
Sample

231122-narq8acf2z
MD5

3acf9965d7a4974cc4be307b52e6b8b1
SHA1

da68941d40b75eda0d78c2fa416693dca49e341f
SHA256

48f947f1028e665251875c1ddcbba74e521ec2694a816e365b390689233ca405
SHA512

01a46a4d069a1ecc2ec2c4620e520e1c6f08d918ea8340caeb04234ae1598796ac97fa2c2bf18a797a6e511840b3e8e3d13850344fd324f3bc8008e89a79f34b
SSDEEP

786432:8uw/TQBk3loOAO2CY4wKkc0ONkBVYGHdxWZ/yPCzbTyyf9PqunO8:Fw/TQBk3GJQkr/dxWZ/yab19Pqunn

Score

8^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FabFilter Total Bundle.exe

Resource

win7-20231020-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

FabFilter Total Bundle.exe

Resource

win10v2004-20231023-en

discovery evasion

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  FabFilter Total Bundle.exe
- Size
  
  42.7MB
- MD5
  
  3acf9965d7a4974cc4be307b52e6b8b1
- SHA1
  
  da68941d40b75eda0d78c2fa416693dca49e341f
- SHA256
  
  48f947f1028e665251875c1ddcbba74e521ec2694a816e365b390689233ca405
- SHA512
  
  01a46a4d069a1ecc2ec2c4620e520e1c6f08d918ea8340caeb04234ae1598796ac97fa2c2bf18a797a6e511840b3e8e3d13850344fd324f3bc8008e89a79f34b
- SSDEEP
  
  786432:8uw/TQBk3loOAO2CY4wKkc0ONkBVYGHdxWZ/yPCzbTyyf9PqunO8:Fw/TQBk3GJQkr/dxWZ/yab19Pqunn
Score

8^/10

discovery evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy