af59c36b03ee77d584a3af87cc6444613bacf49094b7233369a835004cd0ad82 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

ICCSafe.Installer.msi

windows7-x64

8

ICCSafe.Installer.msi

windows10-2004-x64

8

Sharing

General

Target

ICCSafe.Installer.msi
Size

107.8MB
Sample

240222-v8zm2sdb3s
MD5

9599a8f5b6c834d4f16a8e7132acea39
SHA1

1306c6d51382fdfac74a6fd777ce93b293dc1a82
SHA256

af59c36b03ee77d584a3af87cc6444613bacf49094b7233369a835004cd0ad82
SHA512

28ad8b8f532460ba6b7401232e7abfe2946f9e895ceeac91d1b63f769c345d3d0bf7ef47ceb23b2450c3611292bfcc4679d9ead87fccf5b4f6c3e17ff9e24d62
SSDEEP

3145728:0GD6Whj3b1fnRj1llWxtHNhk14zpGJrGwxfr8kNq5RJ/64:H6Whj3b1fRRLkHN64NGJrFxf1Nq5D

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

ICCSafe.Installer.msi

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ICCSafe.Installer.msi

Resource

win10v2004-20240221-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ICCSafe.Installer.msi
- Size
  
  107.8MB
- MD5
  
  9599a8f5b6c834d4f16a8e7132acea39
- SHA1
  
  1306c6d51382fdfac74a6fd777ce93b293dc1a82
- SHA256
  
  af59c36b03ee77d584a3af87cc6444613bacf49094b7233369a835004cd0ad82
- SHA512
  
  28ad8b8f532460ba6b7401232e7abfe2946f9e895ceeac91d1b63f769c345d3d0bf7ef47ceb23b2450c3611292bfcc4679d9ead87fccf5b4f6c3e17ff9e24d62
- SSDEEP
  
  3145728:0GD6Whj3b1fnRj1llWxtHNhk14zpGJrGwxfr8kNq5RJ/64:H6Whj3b1fRRLkHN64NGJrFxf1Nq5D
Score

8^/10
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy