3a1c58919f5a64f0149e4a165d90c4b98713534581f6e81f98977e0d033eda1c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

edfa001f31...88.exe

windows7-x64

7

edfa001f31...88.exe

windows10-2004-x64

7

Sharing

General

Target

edfa001f31e14d05c4c8c3559d5bde88
Size

3.9MB
Sample

231222-twhnbsfdbk
MD5

edfa001f31e14d05c4c8c3559d5bde88
SHA1

5a4e8c0528fa3d1b304a38e88ca6b8ce41975f41
SHA256

3a1c58919f5a64f0149e4a165d90c4b98713534581f6e81f98977e0d033eda1c
SHA512

b7c7661cc657712ccd6230f8d288c140ff5c7eea85c0fdfa25fb2cf173a7e88b10e5c0d44c183572b94c9c79e18752fbcb041002a8209cff0053831bdd3534a3
SSDEEP

98304:MB+r/S/CptDqD2i7D3xkOxYwpKI02v4w1zWD2i7D3xkOxYwpK6g9i1kngzH9eD2O:22/ptqh7FkNqKI001yh7FkNqK6g9i1EN

Score

7^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

edfa001f31e14d05c4c8c3559d5bde88.exe

Resource

win7-20231129-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

edfa001f31e14d05c4c8c3559d5bde88.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  edfa001f31e14d05c4c8c3559d5bde88
- Size
  
  3.9MB
- MD5
  
  edfa001f31e14d05c4c8c3559d5bde88
- SHA1
  
  5a4e8c0528fa3d1b304a38e88ca6b8ce41975f41
- SHA256
  
  3a1c58919f5a64f0149e4a165d90c4b98713534581f6e81f98977e0d033eda1c
- SHA512
  
  b7c7661cc657712ccd6230f8d288c140ff5c7eea85c0fdfa25fb2cf173a7e88b10e5c0d44c183572b94c9c79e18752fbcb041002a8209cff0053831bdd3534a3
- SSDEEP
  
  98304:MB+r/S/CptDqD2i7D3xkOxYwpKI02v4w1zWD2i7D3xkOxYwpK6g9i1kngzH9eD2O:22/ptqh7FkNqKI001yh7FkNqK6g9i1EN
Score

7^/10

upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy