87bc71b36b242a954f6dac19f466de0944becce465b37825552c1ba9703a19a8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

ta4073.exe

windows7-x64

7

ta4073.exe

windows10-2004-x64

5

Sharing

General

Target

ta4073.exe
Size

25.8MB
Sample

240624-algthatcqj
MD5

15ecc8ba9811b8e5bd9d868b213a2182
SHA1

b221004e3ac301e686a02f9c7667cf2c85276c65
SHA256

87bc71b36b242a954f6dac19f466de0944becce465b37825552c1ba9703a19a8
SHA512

88d1518444f53b1a555ab52b97821ac594a2b6f3c78acb8c04798e26d1c5b3eb84af86e5707f45cfc61bf147de05a7e9eab9bc7e406c79290bb4692174012fd5
SSDEEP

786432:xkCG+BZo4femcZvQEqe1aecl5OzvUme1g6fJ3t:xk+BZo4fexQyvcl5OzAfh9

Score

7^/10

aspackv2 discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

ta4073.exe

Resource

win7-20240508-en

aspackv2 discovery persistence privilege_escalation

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

ta4073.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ta4073.exe
- Size
  
  25.8MB
- MD5
  
  15ecc8ba9811b8e5bd9d868b213a2182
- SHA1
  
  b221004e3ac301e686a02f9c7667cf2c85276c65
- SHA256
  
  87bc71b36b242a954f6dac19f466de0944becce465b37825552c1ba9703a19a8
- SHA512
  
  88d1518444f53b1a555ab52b97821ac594a2b6f3c78acb8c04798e26d1c5b3eb84af86e5707f45cfc61bf147de05a7e9eab9bc7e406c79290bb4692174012fd5
- SSDEEP
  
  786432:xkCG+BZo4femcZvQEqe1aecl5OzvUme1g6fJ3t:xk+BZo4fexQyvcl5OzAfh9
Score

7^/10

aspackv2 discovery persistence privilege_escalation
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistenceprivilege_escalation

behavioral2

© 2018-2025

Terms | Privacy