28920b251fd161078a26e57de5f95eb6710b5f4b64363cb5340182532e315d30 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

AppGitHub/App.exe

windows7-x64

1

AppGitHub/App.exe

windows10-2004-x64

Sharing

General

Target

AppGitHub.zip
Size

18.3MB
Sample

240713-spe37awcqk
MD5

526421765b748500c1b072c5b097ff90
SHA1

6a6be0e73d4979d22296e114f2d489017ba7a12f
SHA256

28920b251fd161078a26e57de5f95eb6710b5f4b64363cb5340182532e315d30
SHA512

a5bc3c6f7d4085fd1db17f3a53cba2c753b0ebb554b2022c9c05b823d881527b71d2838b84c671a3e18c73dd3bde5da6b8c0a4009e6b39871e0170769a2c9bef
SSDEEP

393216:5IUqyga2Szz9xDmRbF6cprklcbe462pVBwsVGVuO/Xg+:50ygB8nc5nqlcy46QBwsVWXH

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

AppGitHub/App.exe

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

AppGitHub/App.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
94.156.8.173
Port:
21
Username:
anonymous
Password:
anonymous@

Targets

- Target
  
  AppGitHub/App.exe
- Size
  
  24.2MB
- MD5
  
  e9375068b29318e25281d4fa36b2bf31
- SHA1
  
  bbf93b5d9aa19293df332caf8866e5ad9b871787
- SHA256
  
  964ed02573d0cf5741deda31cd7051e15d491a39aa610c5362e244832cc104bc
- SHA512
  
  37dfb04705b74b9d5e09f7082c5da42b724d02e594ea215aa857f64b2a9009ed525992d5e29891a0a55427a355a72e4505ed61b15e733648ee83c39474417009
- SSDEEP
  
  98304:IXG4ks4BPCuS3tqRi1jg7AEb/lp+LRpPoTP29Fc6clyzl/pdlOXwIJbYSTK460fs:MJHXhVTWNDu1ka2IUi+bBV3tE+EDaW6
Score

10^/10
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy