Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

3060665914...ea.exe

windows7-x64

10

3060665914...ea.exe

windows10-2004-x64

10

out.exe

windows7-x64

out.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3060665914753be2ea1a6573c1e071336150744d8e26bb452eae4f5030d549ea

  • Size

    979KB

  • Sample

    220912-ynzzvseah5

  • MD5

    c13f1a8cf97ee2f8c3c782e7e8bb717f

  • SHA1

    02c0218bca2ce9801860b1b0793d8631d09b9933

  • SHA256

    3060665914753be2ea1a6573c1e071336150744d8e26bb452eae4f5030d549ea

  • SHA512

    79073289d8e9b902cbbb895164b7c1e06f18a8367d339b3f3d681170306882de436bcdb9eb3b73c69d4869e40f98138ad8b0d89e1709d2158dfef028b92b4f08

  • SSDEEP

    24576:gYrxUgRM5Ybc9bKvu6DPiCskNxZsTB3O6vJV9XKEYoSNd64X:g1Cgb+DPitklsTB3vJLXY5Nd6q

Score
10/10
upx

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://31.41.244.231/AVAVA/WAW/APPDATA/go.oo

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

http://31.41.244.231/AVAVA/WAW/Documents/go.oo

Targets

    • Target

      3060665914753be2ea1a6573c1e071336150744d8e26bb452eae4f5030d549ea

    • Size

      979KB

    • MD5

      c13f1a8cf97ee2f8c3c782e7e8bb717f

    • SHA1

      02c0218bca2ce9801860b1b0793d8631d09b9933

    • SHA256

      3060665914753be2ea1a6573c1e071336150744d8e26bb452eae4f5030d549ea

    • SHA512

      79073289d8e9b902cbbb895164b7c1e06f18a8367d339b3f3d681170306882de436bcdb9eb3b73c69d4869e40f98138ad8b0d89e1709d2158dfef028b92b4f08

    • SSDEEP

      24576:gYrxUgRM5Ybc9bKvu6DPiCskNxZsTB3O6vJV9XKEYoSNd64X:g1Cgb+DPitklsTB3vJLXY5Nd6q

    Score
    10/10
    upx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      out.upx

    • Size

      150KB

    • MD5

      b010f16dc234c3d01788c20e851f51db

    • SHA1

      8e10543a1a91058e6e506fbb9870866495aeea4e

    • SHA256

      a9c944308245711f640825111e80ac4cfcbd06c4a4af9ebc82a3fc39800bd7e3

    • SHA512

      93c4a661f5ded79ec674eacb582603ef0c720b982a0b80ab044ba925cd522c4c117c46697d56087d4b879564ab3288fbfd6a677107f199c7aaf41495fc3bd457

    • SSDEEP

      3072:r5VF+XC9GAJ3+3BI0WhAtAAAAA+j7aJRide/iAbB9ZoSnmzCN:r5VP9Ge3+hoAvdeJBbLniu

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v6

Tasks