Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1c658cf720...0N.exe

windows7-x64

7

1c658cf720...0N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c658cf720eb3d7cde0ba1d5e631f510N.exe

  • Size

    75KB

  • Sample

    240720-2pvnba1ajr

  • MD5

    1c658cf720eb3d7cde0ba1d5e631f510

  • SHA1

    dc5ac3d4f6d76d9c2fd1302363ff7c91780c9e4f

  • SHA256

    fdcbe2bcb080aab88ab953a637f13ee45489ddb9cf8d4858fc3116bd6722ba51

  • SHA512

    e7cb4a3cd30266b9948ce95f8664917dcc4ef4c2e6c2345d93e5445053bfc3a9ee7d685dd3c38a8a4647f9fead522c725f5e81b5ff72c625e98bf53c1c7b9666

  • SSDEEP

    1536:Ax1Qja7luy6y0s4sqfkbnAKBOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3v:oOjWuyt0ZsqsXOKofHfHTXQLzgvnzHP3

Score
7/10
persistence

Malware Config

Targets

    • Target

      1c658cf720eb3d7cde0ba1d5e631f510N.exe

    • Size

      75KB

    • MD5

      1c658cf720eb3d7cde0ba1d5e631f510

    • SHA1

      dc5ac3d4f6d76d9c2fd1302363ff7c91780c9e4f

    • SHA256

      fdcbe2bcb080aab88ab953a637f13ee45489ddb9cf8d4858fc3116bd6722ba51

    • SHA512

      e7cb4a3cd30266b9948ce95f8664917dcc4ef4c2e6c2345d93e5445053bfc3a9ee7d685dd3c38a8a4647f9fead522c725f5e81b5ff72c625e98bf53c1c7b9666

    • SSDEEP

      1536:Ax1Qja7luy6y0s4sqfkbnAKBOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3v:oOjWuyt0ZsqsXOKofHfHTXQLzgvnzHP3

    Score
    7/10
    persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks