8d95ec47526e384aee49f09ecbdd475fe66510a638056d1e0080f56ee6746d6e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

6e5fa283b8...44.exe

windows7-x64

6e5fa283b8...44.exe

windows10-2004-x64

Sharing

General

Target

77b892b6ce85a01f14da396040b04e6e.zip
Size

405KB
Sample

240901-arv83svbpc
MD5

d91a869258d53bb632b3f7e7c6bddd74
SHA1

e7d1239273b79a2eead71c1122dd6705c70f4e9f
SHA256

8d95ec47526e384aee49f09ecbdd475fe66510a638056d1e0080f56ee6746d6e
SHA512

f1b0564dd89dd7d557a628df7235f77a7232b48ddcfdc7fc80e68b90af0cfe2b23199e5b058abc5f191631fd672b45ec13d07359c262fd4260296bb8c98bc30a
SSDEEP

12288:q3FEYT2n4OS70xO8D7UobdMKWrSynTJI4rr0F:q3FwiahnQvn9JvG

Score

10^/10

discovery evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444.exe

Resource

win7-20240708-en

discovery evasion upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444.exe

Resource

win10v2004-20240802-en

discovery evasion upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444
- Size
  
  421KB
- MD5
  
  77b892b6ce85a01f14da396040b04e6e
- SHA1
  
  0980b62eb03f5de3ea9487196516ba9915a55ba1
- SHA256
  
  6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444
- SHA512
  
  1825894a2408189f367c3941a1291b45fb7ca0ab0cde8ec078ce0fabc25ccafbb1940366667a3180b4a27527dc1c07db35525ac785803256897c4ed66a8339b5
- SSDEEP
  
  12288:X6Wq4aaE6KwyF5L0Y2D1PqLb6Wq4aaE6KwyF5LL:1thEVaPqLBthE7
Score

10^/10

discovery evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionupx

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy