d172c7e26fbaae07b616a96baa3adbde06d56ac56e54b8d4e8ae0b52a0505da6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Flarenew.exe

windows10-2004-x64

8

Sharing

General

Target

Flarenew.exe
Size

92KB
Sample

250326-s3cvzsxxgs
MD5

f1d059446cb8a408fcc2087c70b24902
SHA1

efa4db5ce56b23eee6fbdc8879d549a7e082ab57
SHA256

d172c7e26fbaae07b616a96baa3adbde06d56ac56e54b8d4e8ae0b52a0505da6
SHA512

a3ac6bca3d3684765d43a47c9119d2d906a23be67e09a7491fa0b9bfd9df1d0a9a16dc610247e399ced96c67fb4d07e07f4cdd7d3f822e3d0ccc25e326f2140d
SSDEEP

1536:j7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfUwbDNO+:/7DhdC6kzWypvaQ0FxyNTBfU0n

Score

8^/10

defense_evasion discovery exploit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Flarenew.exe

Resource

win10v2004-20250314-en

defense_evasion discovery exploit persistence

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  Flarenew.exe
- Size
  
  92KB
- MD5
  
  f1d059446cb8a408fcc2087c70b24902
- SHA1
  
  efa4db5ce56b23eee6fbdc8879d549a7e082ab57
- SHA256
  
  d172c7e26fbaae07b616a96baa3adbde06d56ac56e54b8d4e8ae0b52a0505da6
- SHA512
  
  a3ac6bca3d3684765d43a47c9119d2d906a23be67e09a7491fa0b9bfd9df1d0a9a16dc610247e399ced96c67fb4d07e07f4cdd7d3f822e3d0ccc25e326f2140d
- SSDEEP
  
  1536:j7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfUwbDNO+:/7DhdC6kzWypvaQ0FxyNTBfU0n
Score

8^/10

defense_evasion discovery exploit persistence
- Possible privilege escalation attempt
  exploit
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexploitpersistence

© 2018-2025

Terms | Privacy