General

  • Target

    ce74cee8c8e1e1b47747018d918d6eb055292e1b7a6bbaa1e3523620e70af164

  • Size

    75KB

  • Sample

    240502-eergksab89

  • MD5

    1fe48d9f38359fd9789c9ce33e04527f

  • SHA1

    0e66ee220a59c21777879c6f6142cd42dbb0f607

  • SHA256

    ce74cee8c8e1e1b47747018d918d6eb055292e1b7a6bbaa1e3523620e70af164

  • SHA512

    960c0a4e72e16ec4cbbb6a160f733b3d77c2365174736d86521181052ca85eb0dd4ec040eb3c9de5ef9aabe3d2e311be2f3ea6ea4371730fe8a5369b720d2e56

  • SSDEEP

    1536:1x1Qja7luy6y0s4sqfkbnAKBOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3B:fOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPp

Score
9/10

Targets

    • UPX dump on OEP (original entry point)

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
