34236e767db90d8f0754cf71e77ca17cc65a1cc5890402a532758718da03afb6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

565dce884c...ca.exe

windows7-x64

7

565dce884c...ca.exe

windows10-2004-x64

7

Sharing

General

Target

565dce884c9975a9b297c1cc7a858cca
Size

183KB
Sample

240112-nvyp9sfbhk
MD5

565dce884c9975a9b297c1cc7a858cca
SHA1

7539ada7c6f844c8dec0beaf7748130e0f274f10
SHA256

34236e767db90d8f0754cf71e77ca17cc65a1cc5890402a532758718da03afb6
SHA512

51ca735bbac617d195442fa2fd8922f1665d68012b12a7f8c44f305da57ceba2b6a885720991847e0a3aa6954ce76fc35cc98681c17d24e67a7a0cb2a43842b8
SSDEEP

3072:9MSncRzAOcNb3mML5dxNqOooCoDErB0nyde/xTBLfhv:eSncRlcNbl5dLDEBAyUp

Score

7^/10

evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

565dce884c9975a9b297c1cc7a858cca.exe

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

565dce884c9975a9b297c1cc7a858cca.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  565dce884c9975a9b297c1cc7a858cca
- Size
  
  183KB
- MD5
  
  565dce884c9975a9b297c1cc7a858cca
- SHA1
  
  7539ada7c6f844c8dec0beaf7748130e0f274f10
- SHA256
  
  34236e767db90d8f0754cf71e77ca17cc65a1cc5890402a532758718da03afb6
- SHA512
  
  51ca735bbac617d195442fa2fd8922f1665d68012b12a7f8c44f305da57ceba2b6a885720991847e0a3aa6954ce76fc35cc98681c17d24e67a7a0cb2a43842b8
- SSDEEP
  
  3072:9MSncRzAOcNb3mML5dxNqOooCoDErB0nyde/xTBLfhv:eSncRlcNbl5dLDEBAyUp
Score

7^/10

evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy