94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9486320051...6a.exe

windows7-x64

9

9486320051...6a.exe

windows10-2004-x64

9

Sharing

General

Target

94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a
Size

539KB
Sample

240515-axztfsgd5z
MD5

200e7bd08d4f1e3d724795d160829cf2
SHA1

935ff6a748763c83c8185f3e4be97a401e169dca
SHA256

94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a
SHA512

5433a37ee33ded520ecfdc4411e6b7e3f7e3f18ca46199480f0953047db6ae052a4fd5f4c2cbf31b30bf8a36ee0313188440741554b8492619a0e87c25d6327a
SSDEEP

3072:ZCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAe:ZqDAwl0xPTMiR9JSSxPUKuqododHY2

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a.exe

Resource

win7-20231129-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a
- Size
  
  539KB
- MD5
  
  200e7bd08d4f1e3d724795d160829cf2
- SHA1
  
  935ff6a748763c83c8185f3e4be97a401e169dca
- SHA256
  
  94863200514117eadd35c7fa8e8d8e42b3d58f6170bb97f038dca112dbfe3c6a
- SHA512
  
  5433a37ee33ded520ecfdc4411e6b7e3f7e3f18ca46199480f0953047db6ae052a4fd5f4c2cbf31b30bf8a36ee0313188440741554b8492619a0e87c25d6327a
- SSDEEP
  
  3072:ZCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAe:ZqDAwl0xPTMiR9JSSxPUKuqododHY2
Score

9^/10
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy