f27089e764a7cc4fc490dbc02986b759fb77a085e665b359aa49697e72c6ab6e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

7bd04633f8...a7.exe

windows7-x64

7bd04633f8...a7.exe

windows10-2004-x64

Sharing

General

Target

7bd04633f8ccdaa8adf2c08ca5fb86a7
Size

28KB
Sample

240128-bzyvlsgee3
MD5

7bd04633f8ccdaa8adf2c08ca5fb86a7
SHA1

384a9c69f3ce0a87c45733dff8e5d6757af88a6c
SHA256

f27089e764a7cc4fc490dbc02986b759fb77a085e665b359aa49697e72c6ab6e
SHA512

6381bb439aeb5c49e9de041a03115f3a9a23f9bf437ac4631621412294e917b0b528dc41633ff38bc8a4f00ce9a0bc7c2f2df3fb24c1c407812ce8952e282cb1
SSDEEP

768:MC9IUHWc3YdxPJB65qf+wgGfwp3U1fZHfEO7CDrm:MCSUHWc3YdZJB/gNpk1BfDH

Score

10^/10

evasion persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7bd04633f8ccdaa8adf2c08ca5fb86a7.exe

Resource

win7-20231129-en

evasion persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7bd04633f8ccdaa8adf2c08ca5fb86a7.exe

Resource

win10v2004-20231215-en

evasion persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  7bd04633f8ccdaa8adf2c08ca5fb86a7
- Size
  
  28KB
- MD5
  
  7bd04633f8ccdaa8adf2c08ca5fb86a7
- SHA1
  
  384a9c69f3ce0a87c45733dff8e5d6757af88a6c
- SHA256
  
  f27089e764a7cc4fc490dbc02986b759fb77a085e665b359aa49697e72c6ab6e
- SHA512
  
  6381bb439aeb5c49e9de041a03115f3a9a23f9bf437ac4631621412294e917b0b528dc41633ff38bc8a4f00ce9a0bc7c2f2df3fb24c1c407812ce8952e282cb1
- SSDEEP
  
  768:MC9IUHWc3YdxPJB65qf+wgGfwp3U1fZHfEO7CDrm:MCSUHWc3YdZJB/gNpk1BfDH
Score

10^/10

evasion persistence upx
- Modifies firewall policy service
  evasion
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy