17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

17070a505a...3b.exe

windows7-x64

7

17070a505a...3b.exe

windows10-2004-x64

7

Sharing

General

Target

17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b
Size

1.4MB
Sample

241003-k3vrssyenh
MD5

5cc10aef649b302d4ce70574a5a7e349
SHA1

d9a11539915e8440197caf9011fa8fcc10f343cf
SHA256

17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b
SHA512

6eb32608b71e285c7dfffd4113745a73e4d853cc487c2db9a4ea56c24bbb52a4b6aac7b25b645218a9c5f034fc64178e0c206bab498d0d6a1ab9fe708b57e4ab
SSDEEP

24576:1nYCjQA0H5CJZmpW25Wh4+SFC1nltmoDCOYqiYx4atw8pD0JrCjWl5lcbYMs:lYw0kJZmU25YDSFC1b+O/w8pUOjWhcb7

Score

7^/10

discovery upx vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b.exe

Resource

win7-20240903-en

discovery upx vmprotect

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b.exe

Resource

win10v2004-20240802-en

discovery upx vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b
- Size
  
  1.4MB
- MD5
  
  5cc10aef649b302d4ce70574a5a7e349
- SHA1
  
  d9a11539915e8440197caf9011fa8fcc10f343cf
- SHA256
  
  17070a505a105760ad12d0a6ce6d8de38bee37bcd1934066d794230e7c20c43b
- SHA512
  
  6eb32608b71e285c7dfffd4113745a73e4d853cc487c2db9a4ea56c24bbb52a4b6aac7b25b645218a9c5f034fc64178e0c206bab498d0d6a1ab9fe708b57e4ab
- SSDEEP
  
  24576:1nYCjQA0H5CJZmpW25Wh4+SFC1nltmoDCOYqiYx4atw8pD0JrCjWl5lcbYMs:lYw0kJZmU25YDSFC1b+O/w8pUOjWhcb7
Score

7^/10

discovery upx vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryupxvmprotect

behavioral2

discoveryupxvmprotect

© 2018-2025

Terms | Privacy