259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

259d822c19...46.exe

windows7-x64

3

259d822c19...46.exe

windows10-2004-x64

3

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
05/07/2024, 11:48

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146.exe

Resource

win7-20240508-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146.exe
Size

11KB
MD5

9abafb1db0f90a7919d9d583d79898d1
SHA1

5d0554df1bbe6d3cf38ab2ba522bb631e9624b23
SHA256

259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146
SHA512

aacd89f0f5112fe2bd555ccc90464e0da1f15757e87214a56523177d20fa8dbb86d388a5d6057169dba9f7cf87a98779b2cb79af38c36bc84f119a0d00af9c83
SSDEEP

192:ICh639ZSWSPmVFnlYJLLLTTMnPYqSFTh:ICh63SPmkPLTrqSFTh

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146.exe
"C:\Users\Admin\AppData\Local\Temp\259d822c19610ed0e85353668e7077268dc0a6aa79eb309305a841aa3a795146.exe"
1⤵
PID:972

C:\Windows\System32\Upfc.exe
C:\Windows\System32\Upfc.exe /launchtype periodic /cv isCuJy6J9EqNjxZkw/24rw.0
1⤵
PID:4956

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/972-0-0x00007FFA46585000-0x00007FFA46586000-memory.dmp

Filesize
4KB

Download
memory/972-1-0x00007FFA462D0000-0x00007FFA46C71000-memory.dmp

Filesize
9.6MB

Download
memory/972-2-0x000000001BDA0000-0x000000001C26E000-memory.dmp

Filesize
4.8MB

Download
memory/972-3-0x000000001C270000-0x000000001C316000-memory.dmp

Filesize
664KB

Download
memory/972-5-0x00007FFA462D0000-0x00007FFA46C71000-memory.dmp

Filesize
9.6MB

Download
memory/972-6-0x00007FFA462D0000-0x00007FFA46C71000-memory.dmp

Filesize
9.6MB

Download

© 2018-2025

Terms | Privacy