b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

b301e75b8e...11.exe

windows7-x64

b301e75b8e...11.exe

windows10-2004-x64

Sharing

General

Target

b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911
Size

319KB
Sample

240406-b8b27shd73
MD5

535b9dd057abf2df643aa19e09763911
SHA1

a3014dec836317a85a647de84f1607aca4f17f9b
SHA256

b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911
SHA512

ecb8357a19199fe6e5a1787bd61449b8d2c5a73f47958380beb492b0520337a44ec5044d1ed1b74cb5448d426a8b3e09f74421f072d624ccc6985c2755931a01
SSDEEP

6144:oAecbuBQy7Sb0riExpMMF9yyjeEUxmLSOBMvNOzc3m/JSrSrrwZsPHItIPG:becyG+F9yynUazcW/JCM8Uot

Score

10^/10

evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911.exe

Resource

win7-20240319-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911
- Size
  
  319KB
- MD5
  
  535b9dd057abf2df643aa19e09763911
- SHA1
  
  a3014dec836317a85a647de84f1607aca4f17f9b
- SHA256
  
  b301e75b8e912087b505604a2a2f23577631d69514bad1c8223b81adc8a37911
- SHA512
  
  ecb8357a19199fe6e5a1787bd61449b8d2c5a73f47958380beb492b0520337a44ec5044d1ed1b74cb5448d426a8b3e09f74421f072d624ccc6985c2755931a01
- SSDEEP
  
  6144:oAecbuBQy7Sb0riExpMMF9yyjeEUxmLSOBMvNOzc3m/JSrSrrwZsPHItIPG:becyG+F9yynUazcW/JCM8Uot
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy