f56a1f2ddcc44699d397d3700482cbca85ad8104603fd8e0133f79fca5efd3bf | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

SpotifySetup.exe

windows7-x64

8

SpotifySetup.exe

windows10-2004-x64

6

Resubmissions

06/08/2024, 01:04

240806-be2e1ayaqe 6

06/08/2024, 00:50

240806-a7a8vaxgkd 8

06/08/2024, 00:48

240806-a5tbmstfnk 6

06/08/2024, 00:42

240806-a2lgmatenn 6

Sharing

General

Target

SpotifySetup.exe
Size

909KB
Sample

240806-a7a8vaxgkd
MD5

6d2f652dfe8001c0caf6aa246a418124
SHA1

d1d5f533b5b514d7d863541974367e3ed86f8bfc
SHA256

f56a1f2ddcc44699d397d3700482cbca85ad8104603fd8e0133f79fca5efd3bf
SHA512

9a8faae6e532702ab0b79863ff1bf490ef8a3e8d5052c2082a2d1426cef171de22ebb895ffb6b6b2173940bbfa89b4c4702966318acc6c5d5e53cd72aa67b39f
SSDEEP

12288:O8PTZuEHn+AgZZpi7xTICP4AC0laDi6u5DUCuUhO:O8PTwEwZpi7xT3/lauB5DUys

Score

8^/10

discovery execution persistence

Static task

static1

Behavioral task

behavioral1

Sample

SpotifySetup.exe

Resource

win7-20240704-en

discovery execution

windows7-x64

23 signatures

1800 seconds

Behavioral task

behavioral2

Sample

SpotifySetup.exe

Resource

win10v2004-20240802-en

discovery persistence

windows10-2004-x64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  SpotifySetup.exe
- Size
  
  909KB
- MD5
  
  6d2f652dfe8001c0caf6aa246a418124
- SHA1
  
  d1d5f533b5b514d7d863541974367e3ed86f8bfc
- SHA256
  
  f56a1f2ddcc44699d397d3700482cbca85ad8104603fd8e0133f79fca5efd3bf
- SHA512
  
  9a8faae6e532702ab0b79863ff1bf490ef8a3e8d5052c2082a2d1426cef171de22ebb895ffb6b6b2173940bbfa89b4c4702966318acc6c5d5e53cd72aa67b39f
- SSDEEP
  
  12288:O8PTZuEHn+AgZZpi7xTICP4AC0laDi6u5DUCuUhO:O8PTwEwZpi7xT3/lauB5DUys
Score

8^/10

discovery execution persistence
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Adds Run key to start application
  persistence
- Downloads MZ/PE file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy