Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Photoshop_...us.exe

windows7-x64

10

Photoshop_...us.exe

windows10-1703-x64

10

Photoshop_...us.exe

windows10-2004-x64

10

Photoshop_...us.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Photoshop_x64_en-us.exe

  • Size

    23.2MB

  • Sample

    241012-zawkystgpk

  • MD5

    62044b7de91afa1c39d5312428957c44

  • SHA1

    5ad2964db98cafa09ea71f2a790959a0ed67ff2a

  • SHA256

    a1af62c4cae7eb01939beb0adb4adc83296d85a49462b399d14cf814d50627d3

  • SHA512

    88448cb1b537a69735ac55cae778cb3f0552729e958b241ae2810b459dbedc76ab43a2d8df50787d8dfc992e0f1cfca43a599d75b89916f39e8181be2c3b463f

  • SSDEEP

    393216:A26GA3is67YJMnDiyrZ74MC1EgVqNHb2k7D/fea7KiDqBIaThxGVnxpxjAat0eb1:lA3isGYJMD1rZKLqNPDKiDqV/Gvp+60G

Score
10/10
discoveryexecution

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://gt2n17uejm0gxeqm8mnzszq1sikpb0xupfgtdc0y95q50mtkqfjiujnj50.pages.dev/update/update.exe
exe.dropper

https://gt2n17uejm0gxeqm8mnzszq1sikpb0xupfgtdc0y95q50mtkqfjiujnj50.pages.dev/main/main.exe

Targets

    • Target

      Photoshop_x64_en-us.exe

    • Size

      23.2MB

    • MD5

      62044b7de91afa1c39d5312428957c44

    • SHA1

      5ad2964db98cafa09ea71f2a790959a0ed67ff2a

    • SHA256

      a1af62c4cae7eb01939beb0adb4adc83296d85a49462b399d14cf814d50627d3

    • SHA512

      88448cb1b537a69735ac55cae778cb3f0552729e958b241ae2810b459dbedc76ab43a2d8df50787d8dfc992e0f1cfca43a599d75b89916f39e8181be2c3b463f

    • SSDEEP

      393216:A26GA3is67YJMnDiyrZ74MC1EgVqNHb2k7D/fea7KiDqBIaThxGVnxpxjAat0eb1:lA3isGYJMD1rZKLqNPDKiDqV/Gvp+60G

    Score
    10/10
    discoveryexecution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks