Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

fdc933b64d...b7.exe

windows7-x64

10

fdc933b64d...b7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fdc933b64df0832a1f88f0e19a4cab67fb110d54c4913367a7215d7890f8a5b7.exe

  • Size

    405KB

  • Sample

    240629-cdxwvs1glm

  • MD5

    c4e10100c5cf7bec2d9d0a1d7203ddb2

  • SHA1

    24a6ecd52fb2165b8563a2853898316851638871

  • SHA256

    fdc933b64df0832a1f88f0e19a4cab67fb110d54c4913367a7215d7890f8a5b7

  • SHA512

    ff6bd9bdcb95641c5e19aeef99d9cdddb33b5b309ec358a1a50ba00d2cea9a3fa22a0239b4e09d4a8904d4b7f470bbc621d5e0d60331bc5800709d308faf3202

  • SSDEEP

    6144:0NYzj2jBoO33tq6qbXaYBc1g5aN9KBBBBBBByygHG/bZbYdNpmIU:eYzAq81g5aN+BoKD

Score
10/10
asyncratexecutionpersistencerat

Malware Config

Targets

    • Target

      fdc933b64df0832a1f88f0e19a4cab67fb110d54c4913367a7215d7890f8a5b7.exe

    • Size

      405KB

    • MD5

      c4e10100c5cf7bec2d9d0a1d7203ddb2

    • SHA1

      24a6ecd52fb2165b8563a2853898316851638871

    • SHA256

      fdc933b64df0832a1f88f0e19a4cab67fb110d54c4913367a7215d7890f8a5b7

    • SHA512

      ff6bd9bdcb95641c5e19aeef99d9cdddb33b5b309ec358a1a50ba00d2cea9a3fa22a0239b4e09d4a8904d4b7f470bbc621d5e0d60331bc5800709d308faf3202

    • SSDEEP

      6144:0NYzj2jBoO33tq6qbXaYBc1g5aN9KBBBBBBByygHG/bZbYdNpmIU:eYzAq81g5aN+BoKD

    Score
    10/10
    asyncratexecutionpersistencerat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks