Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

f0263cf12d...40.exe

windows7-x64

8

f0263cf12d...40.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f0263cf12d3133afe22ed18a11f4c720ecf2894a922d5fc74ea82ee4d5385940

  • Size

    140KB

  • Sample

    220919-1wk7sabbb6

  • MD5

    6df8cc0effe7944cd6200ccc2561cc48

  • SHA1

    19c98316c42058baecfc6eb0aaa2fc713cc6fd8b

  • SHA256

    f0263cf12d3133afe22ed18a11f4c720ecf2894a922d5fc74ea82ee4d5385940

  • SHA512

    8be86f3cdb15a4d068b05e4b05151ac52e9b9f6641a86e1869eb303a2c9694e5cf82656a551039695bf15425f6136d68e4205f8ecc9791c396c6e46619383208

  • SSDEEP

    1536:kZqW1suA2HJm/2n8vwUSnnm68vUsRqw1sz6GILUQBqxIN9LNDYmYyfrdQk8PgF7b:011vpG28vCt8vUO1A6QxIifAGrgp

Score
8/10
persistence

Malware Config

Targets

    • Target

      f0263cf12d3133afe22ed18a11f4c720ecf2894a922d5fc74ea82ee4d5385940

    • Size

      140KB

    • MD5

      6df8cc0effe7944cd6200ccc2561cc48

    • SHA1

      19c98316c42058baecfc6eb0aaa2fc713cc6fd8b

    • SHA256

      f0263cf12d3133afe22ed18a11f4c720ecf2894a922d5fc74ea82ee4d5385940

    • SHA512

      8be86f3cdb15a4d068b05e4b05151ac52e9b9f6641a86e1869eb303a2c9694e5cf82656a551039695bf15425f6136d68e4205f8ecc9791c396c6e46619383208

    • SSDEEP

      1536:kZqW1suA2HJm/2n8vwUSnnm68vUsRqw1sz6GILUQBqxIN9LNDYmYyfrdQk8PgF7b:011vpG28vCt8vUO1A6QxIifAGrgp

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks