d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

d1cd51ae6f...31.exe

windows7-x64

9

d1cd51ae6f...31.exe

windows10-2004-x64

9

Sharing

General

Target

d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131
Size

80KB
Sample

240424-zz8xkshf41
MD5

9d5bc026c11ab9664e0feb53d3dc77e7
SHA1

34355e5e8a3f775c0e761f1bf6bb542d1077f9ac
SHA256

d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131
SHA512

09211b69adaf649a0cf3957f760ed7b99906f68a7e61e4178fefe3468b7aade32bf6882d13d0edaed9299727394fb31b567db26aef0242bb060bd5f565d8472c
SSDEEP

1536:bDcWLfIbgEp10gyX/dtnTHNWnnn62222292:bDXL0n0gyX/d1re222292

Score

10^/10

evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131.exe

Resource

win7-20240220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131
- Size
  
  80KB
- MD5
  
  9d5bc026c11ab9664e0feb53d3dc77e7
- SHA1
  
  34355e5e8a3f775c0e761f1bf6bb542d1077f9ac
- SHA256
  
  d1cd51ae6f229e7c23020511e2bee93c2a4710051a3e135942322a0a3262f131
- SHA512
  
  09211b69adaf649a0cf3957f760ed7b99906f68a7e61e4178fefe3468b7aade32bf6882d13d0edaed9299727394fb31b567db26aef0242bb060bd5f565d8472c
- SSDEEP
  
  1536:bDcWLfIbgEp10gyX/dtnTHNWnnn62222292:bDXL0n0gyX/d1re222292
Score

9^/10

evasion
- Detects Windows executables referencing non-Windows User-Agents
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy