8a5ac882f4a201fc77fbe700681a0f57c549e9eb2e8fde3b99752cd7e02e3c12 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

cardPresso1.7.70.exe

windows11-21h2-x64

7

Sharing

General

Target

cardPresso1.7.70.exe
Size

200.4MB
Sample

240712-ewd8ksyaqn
MD5

e1b8dbb1ab54615451bd1836612ff50b
SHA1

ab62cc507b80fd061c1cea1e7f547ae83dec60a5
SHA256

8a5ac882f4a201fc77fbe700681a0f57c549e9eb2e8fde3b99752cd7e02e3c12
SHA512

ddb5d0cb43d67223d7d4c74076690023bb0a91618d932ed2e9b26ade71188288958996563b3834f2949e67f1d9075c500758d4a4a3ef9346cfaa8a0df186d421
SSDEEP

3145728:ofsCdNUsXcy3aRVnRztKvWBysOne5ph2Dhr9CEJK:ofsHy3+TdBnwRw0K

Score

7^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

cardPresso1.7.70.exe

Resource

win11-20240709-en

windows11-21h2-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  cardPresso1.7.70.exe
- Size
  
  200.4MB
- MD5
  
  e1b8dbb1ab54615451bd1836612ff50b
- SHA1
  
  ab62cc507b80fd061c1cea1e7f547ae83dec60a5
- SHA256
  
  8a5ac882f4a201fc77fbe700681a0f57c549e9eb2e8fde3b99752cd7e02e3c12
- SHA512
  
  ddb5d0cb43d67223d7d4c74076690023bb0a91618d932ed2e9b26ade71188288958996563b3834f2949e67f1d9075c500758d4a4a3ef9346cfaa8a0df186d421
- SSDEEP
  
  3145728:ofsCdNUsXcy3aRVnRztKvWBysOne5ph2Dhr9CEJK:ofsHy3+TdBnwRw0K
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy