Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://anydesk.com/...

macos-10.15-amd64

8

Resubmissions

19/12/2024, 19:06

241219-xr6q5syjbp 8

19/12/2024, 12:26

241219-pl731stnbr 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://anydesk.com/en/downloads/thank-you?dv=win_exe

  • Sample

    241219-pl731stnbr

Score
8/10
steamdiscoveryevasionexecutionmacospersistencephishing

Malware Config

Targets

    • Target

      https://anydesk.com/en/downloads/thank-you?dv=win_exe

    Score
    8/10
    steamdiscoveryevasionexecutionpersistencephishing

    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

      evasion

    • A potential corporate email address has been identified in the URL: [email protected]

      phishing

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.

      evasion

    • Detected potential entity reuse from brand STEAM.

      phishingsteam

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.

      evasion

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks