a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

a03613764f...ce.exe

windows7-x64

a03613764f...ce.exe

windows10-2004-x64

Sharing

General

Target

a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece
Size

435KB
Sample

240419-bj59racb89
MD5

d39c73260a157d2c296e7d264e13141f
SHA1

6eaab20e6ba719f88311e644064227e9b1a730f2
SHA256

a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece
SHA512

97028a63f67f07387945b2859c83524a96dc816c7b05bd714980d976305d001e011f9fb335947da071c5c440a004acd26b5f91f373c3e8fc3e21dacb7c3f80e7
SSDEEP

12288:q6Wq4aaE6KwyF5L0Y2D1PqLy6Wq4aaE6KwyF5LL:IthEVaPqLwthE7

Score

10^/10

evasion upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece.exe

Resource

win7-20240221-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece
- Size
  
  435KB
- MD5
  
  d39c73260a157d2c296e7d264e13141f
- SHA1
  
  6eaab20e6ba719f88311e644064227e9b1a730f2
- SHA256
  
  a03613764f6ab5c2e7bd44e9c020f612eae0733f7a7e8ee7bbfdc12798df9ece
- SHA512
  
  97028a63f67f07387945b2859c83524a96dc816c7b05bd714980d976305d001e011f9fb335947da071c5c440a004acd26b5f91f373c3e8fc3e21dacb7c3f80e7
- SSDEEP
  
  12288:q6Wq4aaE6KwyF5L0Y2D1PqLy6Wq4aaE6KwyF5LL:IthEVaPqLwthE7
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy