b76c769c954a976e811bb74283993ae508f3ff98753f3ac5f35037a5d0bf7fc2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

e00e260dcd...0N.exe

windows7-x64

7

e00e260dcd...0N.exe

windows10-2004-x64

7

Sharing

General

Target

e00e260dcd3db9f92382c39152fdd820N
Size

49KB
Sample

240914-wv3yzsycjb
MD5

e00e260dcd3db9f92382c39152fdd820
SHA1

cfcba24a21814e1cfdd6e0c138b5dca95c047a4a
SHA256

b76c769c954a976e811bb74283993ae508f3ff98753f3ac5f35037a5d0bf7fc2
SHA512

37908f82ff253b4fd6ef65623f3c1b09ac0371968bee046e8d74fcdaf2929af342b6fc41bd697f46e17d24ad8badefc3b276c31b69db7babf1302bbf24e64cf0
SSDEEP

1536:NLI4qg9+Q/KMJqSsGpdNmLUIsWsdM5T233Z:Bb/jq0LNmLUIsWsdM5T233Z

Score

7^/10

defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e00e260dcd3db9f92382c39152fdd820N.exe

Resource

win7-20240708-en

defense_evasion discovery upx

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

e00e260dcd3db9f92382c39152fdd820N.exe

Resource

win10v2004-20240802-en

defense_evasion discovery upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  e00e260dcd3db9f92382c39152fdd820N
- Size
  
  49KB
- MD5
  
  e00e260dcd3db9f92382c39152fdd820
- SHA1
  
  cfcba24a21814e1cfdd6e0c138b5dca95c047a4a
- SHA256
  
  b76c769c954a976e811bb74283993ae508f3ff98753f3ac5f35037a5d0bf7fc2
- SHA512
  
  37908f82ff253b4fd6ef65623f3c1b09ac0371968bee046e8d74fcdaf2929af342b6fc41bd697f46e17d24ad8badefc3b276c31b69db7babf1302bbf24e64cf0
- SSDEEP
  
  1536:NLI4qg9+Q/KMJqSsGpdNmLUIsWsdM5T233Z:Bb/jq0LNmLUIsWsdM5T233Z
Score

7^/10

defense_evasion discovery upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryupx

behavioral2

defense_evasiondiscoveryupx

© 2018-2025

Terms | Privacy