9ad94c700902f2b8987a61d65cf57169a6720eac234a2bee2a252192ee798bff | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

ab1d873d92...f1.exe

windows7-x64

ab1d873d92...f1.exe

windows10-2004-x64

1

Sharing

General

Target

ab1d873d92302df9cdbe1bbb67f4c9f1
Size

485KB
Sample

240228-f6wq2scc21
MD5

ab1d873d92302df9cdbe1bbb67f4c9f1
SHA1

7985c9cbb9c1b84b910f47b2096fd5f02ca97829
SHA256

9ad94c700902f2b8987a61d65cf57169a6720eac234a2bee2a252192ee798bff
SHA512

7140d51c26430d0f1b37110575944d62c8e52a6aea0169ca728bfe430d5a61dae542e3b8a28cae0fd82b2fbba985fd636b9cffd78e5af61bc36c6f9e76b0290d
SSDEEP

12288:nbaOt4cDU+iTDwZGdXbL3JTdofqNLHagw8Dw0/kU1j31:bDDsm+rL5TRNL6iwiku

Score

10^/10

evasion persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ab1d873d92302df9cdbe1bbb67f4c9f1.exe

Resource

win7-20240221-en

evasion persistence

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab1d873d92302df9cdbe1bbb67f4c9f1.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab1d873d92302df9cdbe1bbb67f4c9f1
- Size
  
  485KB
- MD5
  
  ab1d873d92302df9cdbe1bbb67f4c9f1
- SHA1
  
  7985c9cbb9c1b84b910f47b2096fd5f02ca97829
- SHA256
  
  9ad94c700902f2b8987a61d65cf57169a6720eac234a2bee2a252192ee798bff
- SHA512
  
  7140d51c26430d0f1b37110575944d62c8e52a6aea0169ca728bfe430d5a61dae542e3b8a28cae0fd82b2fbba985fd636b9cffd78e5af61bc36c6f9e76b0290d
- SSDEEP
  
  12288:nbaOt4cDU+iTDwZGdXbL3JTdofqNLHagw8Dw0/kU1j31:bDDsm+rL5TRNL6iwiku
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

© 2018-2025

Terms | Privacy