2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2743575fa1...68.exe

windows7-x64

9

2743575fa1...68.exe

windows10-2004-x64

9

Sharing

General

Target

2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468
Size

160KB
Sample

240201-h2de1sgahj
MD5

45e13396da747381791b0eaa4272cd8f
SHA1

e37739e8158bdc2c0eb6d99e5d13864a6361dd48
SHA256

2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468
SHA512

593e75c97315b2611f3991e429557a6247fedd4cd3a0f939b6b2f97fec53973402fdcb41320515981f612c789d0d189ffb419cf8371c71bfb1338123b1c78829
SSDEEP

3072:hFB3O3IRORghwODMJlz1dxoOXwupftmt/EI7+Pyha/afPuoSZrGEA6k:jBZcIDqvysbpfU6IaPuas

Score

10^/10

discovery upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468.exe

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468
- Size
  
  160KB
- MD5
  
  45e13396da747381791b0eaa4272cd8f
- SHA1
  
  e37739e8158bdc2c0eb6d99e5d13864a6361dd48
- SHA256
  
  2743575fa189cfb74860f3d131088115221dc65b69f59a6df6705d362711a468
- SHA512
  
  593e75c97315b2611f3991e429557a6247fedd4cd3a0f939b6b2f97fec53973402fdcb41320515981f612c789d0d189ffb419cf8371c71bfb1338123b1c78829
- SSDEEP
  
  3072:hFB3O3IRORghwODMJlz1dxoOXwupftmt/EI7+Pyha/afPuoSZrGEA6k:jBZcIDqvysbpfU6IaPuas
Score

9^/10

upx discovery
- Detects command variations typically used by ransomware
- UPX dump on OEP (original entry point)
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy