Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

save-money...qk.zip

windows7-x64

1

save-money...qk.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    save-money-by-kondo_L0274sMnqk.zip

  • Size

    6.4MB

  • Sample

    240902-de4w8s1bqg

  • MD5

    69571adef6e120c1a21d662d5ad21f93

  • SHA1

    e4d2ad8093a87ce3f92e974729437d4cd95fdbea

  • SHA256

    b21830ae4e42dcb22c3a3b0b1021f0f60733a0f3357b491e1970a805f99d1c1c

  • SHA512

    01511115eda5abd29416eafb5c31552cfc2333cb471d317d4ebfbd97e08fd79bc1ac0cdb94eeaacd4957a9f350abfa71d20c96806733ba6c992fae8491e4dcd7

  • SSDEEP

    196608:hJlkqrQrenCIJ/RE7XA2cCiwJ0tV7cPPLU:hMfyDfELhcdVVwXI

Score
10/10
discovery

Malware Config

Targets

    • Target

      save-money-by-kondo_L0274sMnqk.zip

    • Size

      6.4MB

    • MD5

      69571adef6e120c1a21d662d5ad21f93

    • SHA1

      e4d2ad8093a87ce3f92e974729437d4cd95fdbea

    • SHA256

      b21830ae4e42dcb22c3a3b0b1021f0f60733a0f3357b491e1970a805f99d1c1c

    • SHA512

      01511115eda5abd29416eafb5c31552cfc2333cb471d317d4ebfbd97e08fd79bc1ac0cdb94eeaacd4957a9f350abfa71d20c96806733ba6c992fae8491e4dcd7

    • SSDEEP

      196608:hJlkqrQrenCIJ/RE7XA2cCiwJ0tV7cPPLU:hMfyDfELhcdVVwXI

    Score
    10/10
    discovery

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks