tria.ge
2606:4700::6812:134d  Public Scan

URL: https://tria.ge/220714-3xeshacabk
Submission Tags: falconsandbox
Submission: On August 14 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Overview

overview

10

Static

static

winrar600.exe

windows10_x64

10

GENERAL

 * Target: winrar600.exe
 * Size: 2.9MB
 * Sample: 220714-3xeshacabk
 * MD5: c74862e16bcc2b0e02cadb7ab14e3cd6
 * SHA1: 6569aa87d28db836d7d3380b32a83654f3e909cf
 * SHA256: aff4bb9b15bccff67a112a7857d28d3f2f436e2e42f11be14930fe496269d573
 * SHA512: d28fbfd2b75789d85f402190b25bc7649bcde742495465ac22ffc3bc583d5e27aa2975d781d3a7d51b26149236ebcce8a94ec1d615e83a568d68c57bb8b10fa7

Score
10/10

discovery, persistence

Static task

static1



Behavioral task

behavioral1

Sample

winrar600.exe

Resource

win10-20220414-en

discovery, persistence
windows10_x64
0 signatures
0 seconds

MALWARE CONFIG



TARGETS

   
   * MODIFIES SYSTEM EXECUTABLE FILETYPE ASSOCIATION
     
     persistence
   
   
   * EXECUTES DROPPED EXE
   
   
   * REGISTERS COM SERVER FOR AUTORUN
     
     persistence
   
   
   * CHECKS INSTALLED SOFTWARE ON THE SYSTEM
     
     Looks up Uninstall key entries in the registry to enumerate software on the
     system.
     
     discovery
   behavioral1


MITRE ATT&CK MATRIX ATT&CK V6

 * Initial Access
 * Execution
 * Persistence
   * Change Default File Association (T1042): 1
   * Registry Run Keys / Startup Folder (T1060): 1
 * Privilege Escalation
 * Defense Evasion
   * Modify Registry (T1112): 1
 * Credential Access
 * Discovery
   * Query Registry (T1012): 1
   * System Information Discovery (T1082): 1
 * Lateral Movement
 * Collection
 * Exfiltration
 * Command and Control
 * Impact

TASKS

STATIC1


Score
N/A


BEHAVIORAL1

discovery, persistence
Score
10/10



