General

  • Target

    overemptiness.exe

  • Size

    18.8MB

  • Sample

    240512-tn3zasdg6s

  • MD5

    8d6910b4e8e10febdcd363d5f436485f

  • SHA1

    ffd58b7027338ea88717f240c1ac131504b3ce5f

  • SHA256

    01ee8f74dace7c4cec68e020350e1b6637b5f6fd36c4afd2e62a41d2056db304

  • SHA512

    736dfa4cb021646b6eb61076ac34d622ddb25a5d90296f5c6fe602053aee5f118f564c45675d72aa824007c06d9e275baed94ca347de94455688e7aa53aa3d45

  • SSDEEP

    393216:5t8c7Ej86oji7W9IFdUDWjfLb4QD4NT9L6lDEoXMeBb4tFRAC1/gb:5t8mK86SeDQofQKiTN6lDEoUjRp1

Score
8/10

Malware Config

Targets

    • Target

      overemptiness.exe

    • Size

      18.8MB

    • MD5

      8d6910b4e8e10febdcd363d5f436485f

    • SHA1

      ffd58b7027338ea88717f240c1ac131504b3ce5f

    • SHA256

      01ee8f74dace7c4cec68e020350e1b6637b5f6fd36c4afd2e62a41d2056db304

    • SHA512

      736dfa4cb021646b6eb61076ac34d622ddb25a5d90296f5c6fe602053aee5f118f564c45675d72aa824007c06d9e275baed94ca347de94455688e7aa53aa3d45

    • SSDEEP

      393216:5t8c7Ej86oji7W9IFdUDWjfLb4QD4NT9L6lDEoXMeBb4tFRAC1/gb:5t8mK86SeDQofQKiTN6lDEoUjRp1

    Score
    8/10

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks