c6951fe6881fd2b123d7490a3546a2607ee9bd013ac7b552f91d5b8ce030bb24 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

0pen___fil...$$.rar

windows7-x64

3

0pen___fil...$$.rar

windows10-2004-x64

7

Resubmissions

16/07/2024, 08:17

240716-j66g2ashjp 7

16/07/2024, 08:01

240716-jwnt8svfqh 7

Sharing

General

Target

#!SetUp_42716--!PassW0rdz#$$.zip
Size

2.4MB
Sample

240716-jwnt8svfqh
MD5

d7fc3670abd8fae984302576551ec23a
SHA1

8f1c29356a285fc6d786bbbc0fbc04f56f054ee8
SHA256

c6951fe6881fd2b123d7490a3546a2607ee9bd013ac7b552f91d5b8ce030bb24
SHA512

ddac2ff102807067bb34c16c98e53185b7d29cf2c12bf986a05fdc56c7720ce2864e1bc52fe4f72864bf2c1181f63fb55056e9b931fd6632be011aca2472ae4f
SSDEEP

49152:tRZ9GxmJyIkm2X/m5vxEOBoi5Ov7v6ZbSJUYorl:tR2xy0LX/a4io7vmbSJUYoh

Score

7^/10

discovery upx

Static task

static1

Behavioral task

behavioral1

Sample

0pen___files/!ŞetUp_42716--#PaSꞨKḙy#$$.rar

Resource

win7-20240708-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

0pen___files/!ŞetUp_42716--#PaSꞨKḙy#$$.rar

Resource

win10v2004-20240709-en

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  0pen___files/!ŞetUp_42716--#PaSꞨKḙy#$$.rar
- Size
  
  2.4MB
- MD5
  
  a1a5d1c60cdd1b89a92400babbc3c2b3
- SHA1
  
  656eab017cdb623387d2c01b5c6457eca811a2dc
- SHA256
  
  37d371f1d3d4ae1b4d9bb02bc69b1b45ffb73ce51b9fb6effee6b48d1495bf47
- SHA512
  
  632f138abf42422b76097758561f82d70e3a69f7e3ab57453f39c4225e6383fa4133e3448a7d6b4ad384a56307390ebfa7014bb1a5ebe2127642136ea5a8c8c8
- SSDEEP
  
  49152:0RZ9GxmJyIkm2X/m5vxEOBoi5Ov7v6ZbSJUYor9:0R2xy0LX/a4io7vmbSJUYop
Score

7^/10

discovery upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy