General

  • Target

    5aa1234eb23bef8628cdc9189879d629b418cd1d176c99c024a15c3bfe5e413a.zip

  • Size

    31.5MB

  • Sample

    240726-vy523swekg

  • MD5

    9d59935180099233a8d06d0fa78be88f

  • SHA1

    7cdf43857827f23a0745383319e752c5a4a17511

  • SHA256

    230aa0d1c613ff36672c214652b3e86892efc9cae075be550517aa9ea68db20d

  • SHA512

    bde652467e57f60f84268a4c227942aae7c84ac5e6e23e8298974674b7aba5fe0683dfc4353df33018ee6328ef85659c7ad03894ff11d7cd8c7b92884a39baa1

  • SSDEEP

    786432:Qo9TzbLBz/48h/bIaHLoWTGk/o+7GL0AHNbhqMf:Qo9hAckWTGkgAExtbhqMf

Malware Config

Targets

    • Target

      bdcamsetup.exe

    • Size

      31.5MB

    • MD5

      cbb2dc1b64c5a21da53d79f0ad2e1bdb

    • SHA1

      b2e411fcbccedef4d3a64133aff5d5502291b24f

    • SHA256

      5aa1234eb23bef8628cdc9189879d629b418cd1d176c99c024a15c3bfe5e413a

    • SHA512

      73391f29a027f1184d2ed673667b86bd96eaf97df94e4fc13c03ec8913c9ff36f3a549b7a4f79f67755cdd8f61fe906e61de1559dd884f2623add72413b4841c

    • SSDEEP

      786432:fmDBQyG/qdx5SFTFI/Xoa74EJCvBLRUH0PYNr/h4vW:+D0qd/SFTFIcGyIpr/v

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks