ece6f1cc55af17d8555fd7ebccfdfb17dff2d3817ce348902b593e8d43ec435b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

windowsdes...64.exe

windows7-x64

6

windowsdes...64.exe

windows10-2004-x64

6

Sharing

General

Target

windowsdesktop-runtime-6.0.26-win-x64.exe
Size

54.9MB
Sample

240114-v8b7rachg3
MD5

fc7c51112cc29b1cb72d82fab00aba93
SHA1

3e6bf16d6f171b0dcc3c630a1bd9371eeb22aa30
SHA256

ece6f1cc55af17d8555fd7ebccfdfb17dff2d3817ce348902b593e8d43ec435b
SHA512

7dd45e746fb0b82c13b91559ac25a39b66b9c94c22e5f9bd91b1dceaff96922b1da2fed152ec36e15f2c7a38e0180508f81807930928c5d0aea225f117a108c4
SSDEEP

1572864:4z1pd8HD1vXqG7nYaXrNF3wZFvxIlYRKrSR5E/:4z1pdKDZXDLnxAxT2w5E/

Score

6^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

windowsdesktop-runtime-6.0.26-win-x64.exe

Resource

win7-20231129-en

discovery persistence

windows7-x64

11 signatures

60 seconds

Behavioral task

behavioral2

Sample

windowsdesktop-runtime-6.0.26-win-x64.exe

Resource

win10v2004-20231215-en

discovery persistence

windows10-2004-x64

15 signatures

60 seconds

Malware Config

Targets

- Target
  
  windowsdesktop-runtime-6.0.26-win-x64.exe
- Size
  
  54.9MB
- MD5
  
  fc7c51112cc29b1cb72d82fab00aba93
- SHA1
  
  3e6bf16d6f171b0dcc3c630a1bd9371eeb22aa30
- SHA256
  
  ece6f1cc55af17d8555fd7ebccfdfb17dff2d3817ce348902b593e8d43ec435b
- SHA512
  
  7dd45e746fb0b82c13b91559ac25a39b66b9c94c22e5f9bd91b1dceaff96922b1da2fed152ec36e15f2c7a38e0180508f81807930928c5d0aea225f117a108c4
- SSDEEP
  
  1572864:4z1pd8HD1vXqG7nYaXrNF3wZFvxIlYRKrSR5E/:4z1pdKDZXDLnxAxT2w5E/
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy