a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

a2a30694a0...72.exe

windows7-x64

a2a30694a0...72.exe

windows10-2004-x64

Sharing

General

Target

a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72
Size

434KB
Sample

240310-ae4ppafc2y
MD5

64d8a1beb1504d766cb99819115cc619
SHA1

1e61d7733654010f6c36b0fa849195c3f9f2f85a
SHA256

a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72
SHA512

63c7ec7de1e234e9bc791d5410f1c14f7de56ac682253d942c72e4b5c196920e4576c6086d5a27b45aadb6607be8cd1e24600631c056aee36555198a5005db52
SSDEEP

12288:q6Wq4aaE6KwyF5L0Y2D1PqLy6Wq4aaE6KwyF5L+:IthEVaPqLwthEu

Score

10^/10

evasion upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72.exe

Resource

win7-20231129-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72
- Size
  
  434KB
- MD5
  
  64d8a1beb1504d766cb99819115cc619
- SHA1
  
  1e61d7733654010f6c36b0fa849195c3f9f2f85a
- SHA256
  
  a2a30694a006fef8c0dde22d3265dcc109f4bea562aefca8f8194fcb3ad67d72
- SHA512
  
  63c7ec7de1e234e9bc791d5410f1c14f7de56ac682253d942c72e4b5c196920e4576c6086d5a27b45aadb6607be8cd1e24600631c056aee36555198a5005db52
- SSDEEP
  
  12288:q6Wq4aaE6KwyF5L0Y2D1PqLy6Wq4aaE6KwyF5L+:IthEVaPqLwthEu
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy