Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

HEUR-Worm....66.exe

windows7-x64

9

HEUR-Worm....66.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HEUR-Worm.Win32.Movie666.gen-48cd64aa519a94f81e758f8c492cd6b17afc10fff8c4d37293f2fd8cfe14519c

  • Size

    1.8MB

  • Sample

    240229-kkktwabf4w

  • MD5

    c2d8e4d54d716a9a971c91a9eac29492

  • SHA1

    739f94f80bab2900c604c99b6cb20b00f728d48d

  • SHA256

    48cd64aa519a94f81e758f8c492cd6b17afc10fff8c4d37293f2fd8cfe14519c

  • SHA512

    05e389d42ee81480f66552ce46abf6b8b3d33d96009b809bfa43680e30fbe67196122dfdd2af648b377c3d6d9edc86e7eabe1bc3a881d57d74d6048238515d4a

  • SSDEEP

    49152:5YVWRxf9+CJU5JDMisX4X7mtbqdWAnhxq8:iV2DJSh5ibqAAna8

Score
10/10
persistencespywarestealer

Malware Config

Targets

    • Target

      HEUR-Worm.Win32.Movie666.gen-48cd64aa519a94f81e758f8c492cd6b17afc10fff8c4d37293f2fd8cfe14519c

    • Size

      1.8MB

    • MD5

      c2d8e4d54d716a9a971c91a9eac29492

    • SHA1

      739f94f80bab2900c604c99b6cb20b00f728d48d

    • SHA256

      48cd64aa519a94f81e758f8c492cd6b17afc10fff8c4d37293f2fd8cfe14519c

    • SHA512

      05e389d42ee81480f66552ce46abf6b8b3d33d96009b809bfa43680e30fbe67196122dfdd2af648b377c3d6d9edc86e7eabe1bc3a881d57d74d6048238515d4a

    • SSDEEP

      49152:5YVWRxf9+CJU5JDMisX4X7mtbqdWAnhxq8:iV2DJSh5ibqAAna8

    Score
    9/10
    persistencespywarestealer

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks