e62eca30d7718069c5092f0e9c5bb1bb8a5f0b1c1c5ea2cb99abb564dee8dadb | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

18fbe95753...84.exe

windows7-x64

7

18fbe95753...84.exe

windows10-2004-x64

7

Sharing

General

Target

18fbe957536d2c91634bd4e0c3e78184.exe
Size

867KB
Sample

240611-d22qdstbnr
MD5

18fbe957536d2c91634bd4e0c3e78184
SHA1

11f49fa2008e0b43b2587772c162928f921c6295
SHA256

e62eca30d7718069c5092f0e9c5bb1bb8a5f0b1c1c5ea2cb99abb564dee8dadb
SHA512

d0977dfaf3367663c98ca45fd2a227445e870ee6b14af4d4935d2212efdcbd5e92ef5dbaa8db7de7651549b3ceda2277636cc975750dd9096b33b2a254b05211
SSDEEP

12288:TdzfO1wnp0a/FT+HLwap/8hjclvgNpyJegjMmIqt1eGMrs8GdkYSCrh0dq:5aGph/ows0hOvq0/SM1t8+Wuh0I

Score

7^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

18fbe957536d2c91634bd4e0c3e78184.exe

Resource

win7-20240508-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

18fbe957536d2c91634bd4e0c3e78184.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  18fbe957536d2c91634bd4e0c3e78184.exe
- Size
  
  867KB
- MD5
  
  18fbe957536d2c91634bd4e0c3e78184
- SHA1
  
  11f49fa2008e0b43b2587772c162928f921c6295
- SHA256
  
  e62eca30d7718069c5092f0e9c5bb1bb8a5f0b1c1c5ea2cb99abb564dee8dadb
- SHA512
  
  d0977dfaf3367663c98ca45fd2a227445e870ee6b14af4d4935d2212efdcbd5e92ef5dbaa8db7de7651549b3ceda2277636cc975750dd9096b33b2a254b05211
- SSDEEP
  
  12288:TdzfO1wnp0a/FT+HLwap/8hjclvgNpyJegjMmIqt1eGMrs8GdkYSCrh0dq:5aGph/ows0hOvq0/SM1t8+Wuh0I
Score

7^/10

persistence
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy