179cd1aa53aa185fffc93336a01329ac5df1b36cfd648193041522baa537d40c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

DOC7824047...02.msi

windows7-x64

7

DOC7824047...02.msi

windows10-2004-x64

7

Sharing

General

Target

179cd1aa53aa185fffc93336a01329ac5df1b36cfd648193041522baa537d40c.zip
Size

36.6MB
Sample

240611-be8jbaxgpg
MD5

061d20badac792c74b9c531f979372a8
SHA1

fbb3d190fed15bb514c47760313941b08b7aea2b
SHA256

179cd1aa53aa185fffc93336a01329ac5df1b36cfd648193041522baa537d40c
SHA512

8a30a140fd22f02f2df89953c71b73d57b7ff0c8861b4a811f7bd531df003e0547b8ca2470e3c1940dd63c2d7d03a852715db76617db12f452c14d14f1a67c95
SSDEEP

786432:z2QTngPuX61hPoUQYv7vWyaBFylMb62+aK4xxOYY1S:z2C0hPoDYv7+RB8G1+aK+x3Y1S

Score

7^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

DOC7824047342013202.msi

Resource

win7-20231129-en

evasion persistence trojan

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

DOC7824047342013202.msi

Resource

win10v2004-20240508-en

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  DOC7824047342013202.msi
- Size
  
  37.5MB
- MD5
  
  98b71a0b67688428a31a04560076fe48
- SHA1
  
  3207a44df960415401c4ec59fe33eba7443cda81
- SHA256
  
  d015801a54961cd8d98e5abfadd4d325f57948d4033f26487185d08f5d914073
- SHA512
  
  6618766db2fae5daacc1a17082c5f07686536712b06a7ffb1e343540b30b62d41e98873a8a319fbcc1af9b13065bb37b385d8bb368e4ccca77a26f1993e1b187
- SSDEEP
  
  786432:M8v2InlY7O9Ux5j1cQaubvoUqzza1Yl8qGIEgvtSwMb:Me2Qo5j17aubQZz22XGIECt9Mb
Score

7^/10

evasion persistence trojan
- Drops startup file
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

© 2018-2025

Terms | Privacy