Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

Documento ...ro.lnk

windows7-x64

8

Documento ...ro.lnk

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Documento 14 de Setembro.lnk

  • Size

    2KB

  • Sample

    220915-gxmbpacag6

  • MD5

    2cb7ac7cb6ff4ef4e6ec48659e52baa6

  • SHA1

    66edf5d23da5fb529d9515b5d88e6ba618db25f2

  • SHA256

    1039cb687f1f997f02bc8d3ad466a1ca6ff37ba055a5d409fd6b446ceeb5e87e

  • SHA512

    0f6a4eb6b9effd56ec66fee12474cbc15fe92a72466f1c6892e5d1188ff2da25bcc394d028f9cd34bbb3a4787ba9779009271bb361bc903e61ff244928b0822c

Score
8/10

Malware Config

Targets

    • Target

      Documento 14 de Setembro.lnk

    • Size

      2KB

    • MD5

      2cb7ac7cb6ff4ef4e6ec48659e52baa6

    • SHA1

      66edf5d23da5fb529d9515b5d88e6ba618db25f2

    • SHA256

      1039cb687f1f997f02bc8d3ad466a1ca6ff37ba055a5d409fd6b446ceeb5e87e

    • SHA512

      0f6a4eb6b9effd56ec66fee12474cbc15fe92a72466f1c6892e5d1188ff2da25bcc394d028f9cd34bbb3a4787ba9779009271bb361bc903e61ff244928b0822c

    Score
    8/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Use of msiexec (install) with remote resource

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks