01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

01c6b3248d...6a.exe

windows7-x64

7

01c6b3248d...6a.exe

windows10-2004-x64

7

Sharing

General

Target

01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a
Size

1.1MB
Sample

240908-ybdwvsvcnc
MD5

2e788badf8885c5f3a3644c05ca3a2b6
SHA1

f7b531e1ae2312ded4c85feef533042701932b94
SHA256

01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a
SHA512

7ae109c68ba8e385b7bb3b0106f6d211ffd709b837c8efedcb96dfe67a9392480b923f971f9880e5805cf3daf70ed3400867a2bd96b9b79b64e87f6b307e6414
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qy:acallSllG4ZM7QzMh

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a.exe

Resource

win7-20240903-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a
- Size
  
  1.1MB
- MD5
  
  2e788badf8885c5f3a3644c05ca3a2b6
- SHA1
  
  f7b531e1ae2312ded4c85feef533042701932b94
- SHA256
  
  01c6b3248d17b5ef9d712cbeaea233624a728592839b572140144a40e71cde6a
- SHA512
  
  7ae109c68ba8e385b7bb3b0106f6d211ffd709b837c8efedcb96dfe67a9392480b923f971f9880e5805cf3daf70ed3400867a2bd96b9b79b64e87f6b307e6414
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qy:acallSllG4ZM7QzMh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy