7fee6db599bdc55d600da75e6c2ebca5a6bd754405dd119f785cc3e94137a500 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

05bb1cd74b...a9.exe

windows7-x64

05bb1cd74b...a9.exe

windows10-2004-x64

3

Sharing

General

Target

05bb1cd74be52b3a6023dc450ae9c6a9
Size

365KB
Sample

231229-2g8vzaegbk
MD5

05bb1cd74be52b3a6023dc450ae9c6a9
SHA1

4f651c51f70fae5d36f1e40c4d385e310531528a
SHA256

7fee6db599bdc55d600da75e6c2ebca5a6bd754405dd119f785cc3e94137a500
SHA512

8a6d7aa3903a619ba27f4b9f11967a425da4e2d20cc02022570068cc3c298999774f46a46ee76749577b4335634bc03ffea12ae43187283db9b46b30a197ddc9
SSDEEP

6144:5FQvx0NXgEJL8kTvI/qFUmZQab7T5kaRJMggJEEVlRbkSD+WyWIaNmp:5FQvC+EJVTU5OQdaRag4ESluSDj3q

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

05bb1cd74be52b3a6023dc450ae9c6a9.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

05bb1cd74be52b3a6023dc450ae9c6a9.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  05bb1cd74be52b3a6023dc450ae9c6a9
- Size
  
  365KB
- MD5
  
  05bb1cd74be52b3a6023dc450ae9c6a9
- SHA1
  
  4f651c51f70fae5d36f1e40c4d385e310531528a
- SHA256
  
  7fee6db599bdc55d600da75e6c2ebca5a6bd754405dd119f785cc3e94137a500
- SHA512
  
  8a6d7aa3903a619ba27f4b9f11967a425da4e2d20cc02022570068cc3c298999774f46a46ee76749577b4335634bc03ffea12ae43187283db9b46b30a197ddc9
- SSDEEP
  
  6144:5FQvx0NXgEJL8kTvI/qFUmZQab7T5kaRJMggJEEVlRbkSD+WyWIaNmp:5FQvC+EJVTU5OQdaRag4ESluSDj3q
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy