5c2da70eb09a300a356c5d066fa63cd5f5e599a7802d4ab4722f5bd78bef962f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

bb2ce32c9b...d5.msi

windows7-x64

6

bb2ce32c9b...d5.msi

windows10-2004-x64

6

Sharing

General

Target

19209703262.zip
Size

142.2MB
Sample

241004-vsq1zazhke
MD5

67a7f682055019bfcba9fcbc11cd6ea5
SHA1

08af763da765cad9775e47235be5fbb26cac3374
SHA256

5c2da70eb09a300a356c5d066fa63cd5f5e599a7802d4ab4722f5bd78bef962f
SHA512

c13e71c93c9c8a5c577e36eef7acf121f25095c9339b132b6bcf4255aae559b0f448f615738693eb0e6befdbbc84f08be3bd8dd8564e2800dc95e5c12140e1be
SSDEEP

3145728:vCemuVWPqOaGzMfPX3Xt1+pK+ZbzaMiwhtsCG2re:vCemyAqOVW+pmMvaKe

Score

6^/10

discovery execution persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

bb2ce32c9b9c307eda65a2f13415d6a01c7e9f1261a1872d4c588ac1c599bed5.msi

Resource

win7-20240729-en

discovery execution persistence privilege_escalation

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

bb2ce32c9b9c307eda65a2f13415d6a01c7e9f1261a1872d4c588ac1c599bed5.msi

Resource

win10v2004-20240802-en

discovery execution persistence privilege_escalation

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  bb2ce32c9b9c307eda65a2f13415d6a01c7e9f1261a1872d4c588ac1c599bed5
- Size
  
  142.3MB
- MD5
  
  d54ab89f2e4dde5633b7fbdf00dbbbe9
- SHA1
  
  379709f077da51a5c7ebcbb8fc0a0a0895c20933
- SHA256
  
  bb2ce32c9b9c307eda65a2f13415d6a01c7e9f1261a1872d4c588ac1c599bed5
- SHA512
  
  c4dc7e0b50419d0b8b660526d83a940c5627e4244b4542322e1d46cf5ad25a702cc5a77bde3653e59561d14596f89966201634dff5a33c1efe79d5b560933189
- SSDEEP
  
  3145728:wLva3lK/CCB9nyGp49Hy0+Xb6SQvhS4Y0Cr5pyicNlSuVG/aSWGeW6p:wLvq8nggcvhY0C/yLP/Vaabfp
Score

6^/10

discovery execution persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionpersistenceprivilege_escalation

behavioral2

discoveryexecutionpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy