General

  • Target

    Aquatic_V3.zip

  • Size

    2.3MB

  • Sample

    240315-g6y2vahh9s

  • MD5

    02fef61dc3498e3bb48ab999a59f70ae

  • SHA1

    d462554b3f41d15bf98d8275da31849b3d8e19db

  • SHA256

    9ef2be22125e81f24389ac7f338187b883fe9c279d72ed6cbe9b2c007c2cd6ed

  • SHA512

    0384c1d9892c91e779c1a5528fb82ff5dc9a955aa5aa752b500a658d6a25f1cd68675666e2f0c3c1c7e4bdfc9867791e6821ca604e2da0e2d91739508d5b0e82

  • SSDEEP

    49152:NMSv2Wd8O2QulBEEJY3pZ557yVMGLQpS7xETLk202GHLp8bJP0YVWsJnU+A:NMNeu/EEJopZ5BGLQ0iTLZ02w6bJP0nv

Score
8/10

Targets

    • Target

      Aquatic_V3.exe

    • Size

      2.8MB

    • MD5

      99e3bd9d720cd5225a0a5bc68083bd8d

    • SHA1

      7fdc97c76dcee5cbefd2a49425f1c161241047b8

    • SHA256

      93a68ff2fad73f03cd57898d381641488800e6f3972a5fcff06426a498383b79

    • SHA512

      6070c5445fb24c0a43faace255df0df6928d39af5e48d36bd6104a65147545902e051f70c859fb3e1b940c88745d856351811ae4b63b4fa65d95a12e8b9c5ac7

    • SSDEEP

      49152:OVW97XtBjD7X5xbGNrWIxKiaDT6pxdObf+uRTlN4afnm16m+gmoZist:OV8tB7X5tGN6YKiw6pUf+uRTTOIduZiS

    Score
    8/10
    • Stops running service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
