1dca076ea21359cbd16963e4452beb25e0c4d17146f32291acd574bad1061cba | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

ming-dan-pdf.exe

windows7-x64

7

ming-dan-pdf.exe

windows10-2004-x64

7

Sharing

General

Target

1dca076ea21359cbd16963e4452beb25e0c4d17146f32291acd574bad1061cba
Size

8.5MB
Sample

240822-t3xe3axbqh
MD5

079b2348ad2286201c4fd671d42ea907
SHA1

bdc850c8f7139a4266786e8016663d7a73bb475d
SHA256

1dca076ea21359cbd16963e4452beb25e0c4d17146f32291acd574bad1061cba
SHA512

0f21c4211b70b602bdbc13a6f3de8a4242df8e9b5ee919093d44abdbe4c26a483fe685f9a9602551b25325a311b5a65b7a691c2bc9668f89c1c5a52993189704
SSDEEP

196608:0ej0TkfyMwyUkpxaHrVrpUG9fKl3AwOTP6uyD5L7BSs:0/TWNwy/IHr5Bi5AwOTC1p

Score

7^/10

discovery upx

Static task

static1

Behavioral task

behavioral1

Sample

ming-dan-pdf.exe

Resource

win7-20240704-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ming-dan-pdf.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ming-dan-pdf.exe
- Size
  
  22.6MB
- MD5
  
  d48ab037ac67690dfec97eb0cee58cef
- SHA1
  
  ee2cac4a3ed743469f344657a2ce03263278e843
- SHA256
  
  f86bb58f1fe31ba13544d0919beab5e3029e8044df85c72c37cbe2fbede5bf2b
- SHA512
  
  1b53563081a14587cd28e184a5fd02730e78757e605176b5581154a514cda3644e48ecc931a3c2a93ebee68340d845167120fe75254aeb4d91fde5590973647a
- SSDEEP
  
  196608:5c1aN0ECig1IFnEplmOXKh8mY8J4V+mPKSJAMr3jv4xHlZoA/iMYvWB:0OhCcFkjXLWiV+mSSCMToHluZW
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy