General

  • Target

    4cd742ef523908c6494b3bfa503a3542b90ded8c8796eb3323faf42926e8c729

  • Size

    484KB

  • Sample

    220919-dmyeesdfh3

  • MD5

    b5a956bc2eaaf2e93c1910a701f21dd1

  • SHA1

    6e39d033c0652151a7f00313580e8b1194d1be59

  • SHA256

    4cd742ef523908c6494b3bfa503a3542b90ded8c8796eb3323faf42926e8c729

  • SHA512

    5e3996b9c3e31a8b1735eacd6020629606915773af04e2cba6d70b1ed5f3f8489e1746cbf2882f24a645802a6a58ea5b320b8670538a1998a5bf083d357712ac

  • SSDEEP

    12288:moUld/f2I9JECdYW4/e4Pii15XZSAmKjlafbdDNUQ:w92ILECd0R15XZS3QafpDNUQ

Score
10/10

Targets

    • Target

      4cd742ef523908c6494b3bfa503a3542b90ded8c8796eb3323faf42926e8c729

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext