Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

b7eef5d97d...ea.exe

windows7-x64

9

b7eef5d97d...ea.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7eef5d97d6b20e5619107b5bd25a745d49633aede7bd3afc58a2181e7637bea

  • Size

    118KB

  • Sample

    240422-csv1taed38

  • MD5

    0b49a269b9f3f3a7b542bc147c1e03ee

  • SHA1

    07f8977cb56940d209a01b0dd53ffa5acb67f5d3

  • SHA256

    b7eef5d97d6b20e5619107b5bd25a745d49633aede7bd3afc58a2181e7637bea

  • SHA512

    f7dc59cd7716f9c2459b6b4697488dc51e485d46fd8a6a24aff4e2a1dece7b7167240bfcfd802a37da937068eaa41ef3b89c5def44e1d807ce6d89fdc9d8a1e2

  • SSDEEP

    3072:bOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPX:bIs9OKofHfHTXQLzgvnzHPowYbvrjD/M

Score
10/10
persistence

Malware Config

Targets

    • Target

      b7eef5d97d6b20e5619107b5bd25a745d49633aede7bd3afc58a2181e7637bea

    • Size

      118KB

    • MD5

      0b49a269b9f3f3a7b542bc147c1e03ee

    • SHA1

      07f8977cb56940d209a01b0dd53ffa5acb67f5d3

    • SHA256

      b7eef5d97d6b20e5619107b5bd25a745d49633aede7bd3afc58a2181e7637bea

    • SHA512

      f7dc59cd7716f9c2459b6b4697488dc51e485d46fd8a6a24aff4e2a1dece7b7167240bfcfd802a37da937068eaa41ef3b89c5def44e1d807ce6d89fdc9d8a1e2

    • SSDEEP

      3072:bOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPX:bIs9OKofHfHTXQLzgvnzHPowYbvrjD/M

    Score
    9/10
    persistence

    • UPX dump on OEP (original entry point)

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks