166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

cryptolaemus

windows10-2004-x64

7

cryptolaemus

windows11-21h2-x64

7

Sharing

General

Target

166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa
Size

266KB
Sample

240601-ypv3aseb66
MD5

524c7b995bb7c603e80e922406ab0358
SHA1

3e9248cd055e5acf4c37c292bcf47df0c42c5f9b
SHA256

166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa
SHA512

74ac377c6f4021d9a3b6d27a44aa5ba7a738698eec38b4de2d616d167d13ab3f7b92cabbcd942263f64fc4f4a12262d81d22b5d805bd291ca6769f6f67638cf8
SSDEEP

3072:+NXEGZJWhfNFC4S60+XoLczrVmXaxAA8oazHjS+/fbC8DcGs6zH01ne4PK:MXzKdNY49u8rV7ejLHu8DcGT01net

Score

7^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa.exe

Resource

win11-20240426-en

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa
- Size
  
  266KB
- MD5
  
  524c7b995bb7c603e80e922406ab0358
- SHA1
  
  3e9248cd055e5acf4c37c292bcf47df0c42c5f9b
- SHA256
  
  166e1e1e50a212a05ebbeb9d70f5dc7847bc269d7ba19899e6caaed6db3301aa
- SHA512
  
  74ac377c6f4021d9a3b6d27a44aa5ba7a738698eec38b4de2d616d167d13ab3f7b92cabbcd942263f64fc4f4a12262d81d22b5d805bd291ca6769f6f67638cf8
- SSDEEP
  
  3072:+NXEGZJWhfNFC4S60+XoLczrVmXaxAA8oazHjS+/fbC8DcGs6zH01ne4PK:MXzKdNY49u8rV7ejLHu8DcGT01net
Score

7^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy