b42f057e86d658a61c518cee1ea307e40e8a79d2025be2101a0569db050aeb9c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ZSqNvsi0ZjSW.exe

windows10-2004-x64

7

crack.exe

windows10-2004-x64

1

Sharing

General

Target

readme.zip
Size

19.4MB
Sample

240415-xtmfaadg36
MD5

181d0feed40eda5e186fdae1b560efef
SHA1

db0a0fc03f2ab0b946b0d63f3ae5c307f5925263
SHA256

b42f057e86d658a61c518cee1ea307e40e8a79d2025be2101a0569db050aeb9c
SHA512

16abc84e201de7565bb956565e5b268ab82126d05e9e6021831a5ef47a605cf1fe78b1f52a4cd25638b0cdd0f69984c4469ab228f3c25e9d28bd30fa82321b2f
SSDEEP

393216:C4D7oEAGBpwwHLT3nuBXqVsVP7O/AF6YgzMHesmZIwlDsaKWI:z7AypDLzC6VD/5kesIl/KWI

Score

7^/10

pyinstaller upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ZSqNvsi0ZjSW.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

crack.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  ZSqNvsi0ZjSW.exe
- Size
  
  20.7MB
- MD5
  
  21608bc820dc341c94fab9910c9ff2cd
- SHA1
  
  e9c05b9a8044e9a5e030fe384876075a1454598f
- SHA256
  
  7ef1b13b71220543395a1df921b3f484fdf774d453a14f6b951f9b08bd304652
- SHA512
  
  61adfe8c09e8f1e79503a695e2e91cda056d16141fbcf8fd1de30d04bde5cd7734d713de23346e065d0fa315c465e47d56971e327d97fa22287d2537d897c13b
- SSDEEP
  
  393216:uh9SCD5WyGh2Jp5MLurEUWj77azE5PKk9buK+:I9fTGhpdbXazbkEK+
Score

7^/10

upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  crack.dll
- Size
  
  6.8MB
- MD5
  
  20e175015be0589d3ea74c2ff578972a
- SHA1
  
  0d33a3130016df92421d3e8fb236ddfc69fcd3c2
- SHA256
  
  b4e7d8845b50d82b2ed0258b65efc2d78c157020256a05925ff6187f550610dc
- SHA512
  
  97fa5b6294c41e799cd90093a6ceb98d15a177370bc744af922453f90087b0f591d54dfcc100edb3d4fdd254af66e19b4d4dbec09259eb8a50526aebb288f17c
- SSDEEP
  
  98304:gG4kIfmBKhtn8o13FwOeZC6jduW+pH/rn2oKensvFfjlrfOi:R4kIfmBI8O3WOeZC6BqpH/729ensfbV
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy