1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1b59e8e493...fa.exe

windows7-x64

6

1b59e8e493...fa.exe

windows10-2004-x64

7

Sharing

General

Target

1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa
Size

5.2MB
Sample

240628-f96qeswflr
MD5

2561e158d088695560c8b1aa0bb5b79b
SHA1

52bfd2c4b7b6f8f34f40b80e7e8ce82423c7e207
SHA256

1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa
SHA512

25583efb28e06486a6ca3228db5144b5c89a1c7914168ac2b84776dc96a12ad6148d394b3a3dffd5d429a19da74f20aa0c2375ca414830159d53037bd5a383ab
SSDEEP

98304:F3Wv10cIHpT1OOEnoMbH82h6hxg0JaVw35rF7zutjUJOUmfvDmAJFBqibKe3:de/yTInoQcGW/JaEF7zutIJOUm3luhA

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa.exe

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa
- Size
  
  5.2MB
- MD5
  
  2561e158d088695560c8b1aa0bb5b79b
- SHA1
  
  52bfd2c4b7b6f8f34f40b80e7e8ce82423c7e207
- SHA256
  
  1b59e8e4933dc477bb0007e816b98b542ce89f3f673748a23c562e8464eb6dfa
- SHA512
  
  25583efb28e06486a6ca3228db5144b5c89a1c7914168ac2b84776dc96a12ad6148d394b3a3dffd5d429a19da74f20aa0c2375ca414830159d53037bd5a383ab
- SSDEEP
  
  98304:F3Wv10cIHpT1OOEnoMbH82h6hxg0JaVw35rF7zutjUJOUmfvDmAJFBqibKe3:de/yTInoQcGW/JaEF7zutIJOUm3luhA
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.