da7a47b48ce813ad1cedfea4533d1cb1e2c06e8c407dfa952f15d363e72f96ce | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Wakamarina...NZ.zip

windows11-21h2-x64

7

Sharing

General

Target

Wakamarina Valley, NZ.zip
Size

820.0MB
Sample

240223-e8jc3aba3w
MD5

80650a32f3affa8add6aacca783888e3
SHA1

3cc8a9741d561ac181136d4af47961985605107d
SHA256

da7a47b48ce813ad1cedfea4533d1cb1e2c06e8c407dfa952f15d363e72f96ce
SHA512

fb71507ea428e79bced6e4ce31d2cfd45fb64c2ea59528ebd51024343fb787b60656798be2ab2e055dc3359718c26d92d8c2a68e9a36c0fb293a5cc7d5a62c44
SSDEEP

25165824:VQZvsYnFsWQcluVKbMjRnhes7VHCDegRDMlZCaSAaw49x92zthTX9:iZvsYnFsWp3ERUsC1aSY492zz5

Score

7^/10

discovery link pdf persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Wakamarina Valley, NZ.zip

Resource

win11-20240221-en

discovery persistence

windows11-21h2-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Wakamarina Valley, NZ.zip
- Size
  
  820.0MB
- MD5
  
  80650a32f3affa8add6aacca783888e3
- SHA1
  
  3cc8a9741d561ac181136d4af47961985605107d
- SHA256
  
  da7a47b48ce813ad1cedfea4533d1cb1e2c06e8c407dfa952f15d363e72f96ce
- SHA512
  
  fb71507ea428e79bced6e4ce31d2cfd45fb64c2ea59528ebd51024343fb787b60656798be2ab2e055dc3359718c26d92d8c2a68e9a36c0fb293a5cc7d5a62c44
- SSDEEP
  
  25165824:VQZvsYnFsWQcluVKbMjRnhes7VHCDegRDMlZCaSAaw49x92zthTX9:iZvsYnFsWp3ERUsC1aSY492zz5
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2025

Terms | Privacy