c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

5

c79a2fd88c...8N.exe

windows7-x64

8

c79a2fd88c...8N.exe

windows10-2004-x64

Sharing

General

Target

c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8N
Size

38KB
Sample

241005-ktnl5aweqq
MD5

9579fa03a700fa7fa8308e9ed12d9be0
SHA1

93685a9d84cef5613fa9bdd62d4f55631a4a79f0
SHA256

c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8
SHA512

c931e4dc3778455d09b7b551e066827cf8de2e1ec80cbc76af5e7226a4110068616d285502f4a7e65aa8f15dca2a399b9bdfb0554a4617a36f5200918c6e4d20
SSDEEP

768:Nzj1JegVa3Gry+uELEmITCs/NUZ6nZdYbCLECkrQoP9fmF2f1cOZ:NWQa2TLEmITcoQxfllfmS1cOZ

Score

8^/10

discovery evasion execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8N.exe

Resource

win7-20240729-en

discovery evasion execution upx

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8N.exe

Resource

win10v2004-20240802-en

discovery evasion execution upx

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8N
- Size
  
  38KB
- MD5
  
  9579fa03a700fa7fa8308e9ed12d9be0
- SHA1
  
  93685a9d84cef5613fa9bdd62d4f55631a4a79f0
- SHA256
  
  c79a2fd88cdeb20e40b6a4714140967a699359c165a5e17adca4e7d49efeb2a8
- SHA512
  
  c931e4dc3778455d09b7b551e066827cf8de2e1ec80cbc76af5e7226a4110068616d285502f4a7e65aa8f15dca2a399b9bdfb0554a4617a36f5200918c6e4d20
- SSDEEP
  
  768:Nzj1JegVa3Gry+uELEmITCs/NUZ6nZdYbCLECkrQoP9fmF2f1cOZ:NWQa2TLEmITcoQxfllfmS1cOZ
Score

8^/10

discovery evasion execution upx
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecutionupx

behavioral2

discoveryevasionexecutionupx

© 2018-2025

Terms | Privacy