3642e3f95d50cc193e4b5a0b0ffbf7fe2c08801517758b4c8aeb7105a091208a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

VC_redist.x64.exe

windows7-x64

6

VC_redist.x64.exe

windows10-2004-x64

4

Sharing

General

Target

VC_redist.x64.exe
Size

24.2MB
Sample

240601-w6n9zabh95
MD5

1d545507009cc4ec7409c1bc6e93b17b
SHA1

84c61fadf8cd38016fb7632969b3ace9e54b763a
SHA256

3642e3f95d50cc193e4b5a0b0ffbf7fe2c08801517758b4c8aeb7105a091208a
SHA512

5935b69f5138ac3fbc33813c74da853269ba079f910936aefa95e230c6092b92f6225bffb594e5dd35ff29bf260e4b35f91adede90fdf5f062030d8666fd0104
SSDEEP

786432:tSp+Ty2SfUfnbDDko5dFMYqlQbgAVLSElbmucMuZZxs6Sf:4p+Ty2SfWnHDk8FjVbfzPTq4

Score

6^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

VC_redist.x64.exe

Resource

win7-20240221-en

discovery persistence

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

VC_redist.x64.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  VC_redist.x64.exe
- Size
  
  24.2MB
- MD5
  
  1d545507009cc4ec7409c1bc6e93b17b
- SHA1
  
  84c61fadf8cd38016fb7632969b3ace9e54b763a
- SHA256
  
  3642e3f95d50cc193e4b5a0b0ffbf7fe2c08801517758b4c8aeb7105a091208a
- SHA512
  
  5935b69f5138ac3fbc33813c74da853269ba079f910936aefa95e230c6092b92f6225bffb594e5dd35ff29bf260e4b35f91adede90fdf5f062030d8666fd0104
- SSDEEP
  
  786432:tSp+Ty2SfUfnbDDko5dFMYqlQbgAVLSElbmucMuZZxs6Sf:4p+Ty2SfWnHDk8FjVbfzPTq4
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

© 2018-2025

Terms | Privacy