General

  • Target

    2b3db408736780f5a310e346ce63ac4f02903b68b50b92adcc1114de39ba6234

  • Size

    416KB

  • Sample

    220919-dvc4fseae9

  • MD5

    3aca89171aafa331f7fcad5fd67c7bc6

  • SHA1

    99751e625d782fe8e5398a6b81dc697d819a8da2

  • SHA256

    2b3db408736780f5a310e346ce63ac4f02903b68b50b92adcc1114de39ba6234

  • SHA512

    b8b9d7298ab50bc3dd6df6af82e666444aeff9beefd77ce474176e56a5db9f47ddbd0b77fbb77d8dd3aa4db9a85049cd836d2382856c15656d758af259076651

  • SSDEEP

    12288:TDLOhQiq/baOtDO5k+XWsJQrrUmhiK2thyHRU:TDuQiqjklWhiTyHRU

Score
10/10

Malware Config

Targets

    • Target

      2b3db408736780f5a310e346ce63ac4f02903b68b50b92adcc1114de39ba6234

    Score
    10/10

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
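
The "UPX packed file" verdict above can be reproduced statically on the sample. The following is an added example, not tria.ge's own signature code: it parses just enough of the PE headers to reach the section table, flags the UPX0/UPX1/UPX2 section names the stock packer emits, and adds a high-entropy-section heuristic that still fires when a modified UPX build has renamed its sections (the threshold of 7.0 bits per byte is an assumption). build_fake_pe() is a constructed, non-executable PE image used only so the check runs without the real sample; point looks_upx_packed() at open("sample.exe","rb").read() to run it on a real file.

```python
import math
import struct
from collections import Counter

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}  # names the stock packer emits


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; 8.0 is uniform, compressed or encrypted data sits near 7.5+."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def pe_sections(image: bytes):
    """Walk the PE section table and yield (name, raw_bytes) for each section."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    table = coff + 20 + opt_size
    for i in range(nsections):
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", image, table + 40 * i)
        yield name.rstrip(b"\0").decode("ascii", "replace"), image[raw_ptr:raw_ptr + raw_size]


def looks_upx_packed(image: bytes, entropy_threshold: float = 7.0) -> dict:
    """Two heuristics: the UPX section names, and a section of at least 256 bytes
    whose entropy is above the (assumed) threshold, which catches renamed sections."""
    names, high_entropy = [], False
    for name, data in pe_sections(image):
        names.append(name)
        if len(data) >= 256 and shannon_entropy(data) >= entropy_threshold:
            high_entropy = True
    return {
        "upx_section_names": any(n in UPX_SECTION_NAMES for n in names),
        "high_entropy_section": high_entropy,
        "sections": names,
    }


def build_fake_pe(sections) -> bytes:
    """Constructed, non-executable PE image carrying only the headers this check
    reads, so the example runs without the real sample. `sections` is a list of
    (name of up to 8 bytes, raw bytes)."""
    opt_size = 0xE0                       # PE32 optional header size, left zeroed
    coff = 0x40 + 4
    table = coff + 20 + opt_size
    data_off = (table + 40 * len(sections) + 0x1FF) & ~0x1FF   # FileAlignment 0x200
    hdr = bytearray(b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40))
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    hdr += b"\0" * opt_size
    body = bytearray()
    for name, data in sections:
        raw_ptr = data_off + len(body) if data else 0
        # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
        # PointerToRelocations, PointerToLinenumbers, NumberOfRelocations,
        # NumberOfLinenumbers, Characteristics
        hdr += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), len(data), 0x1000,
                           len(data), raw_ptr, 0, 0, 0, 0, 0x60000020)
        body += data
    return bytes(hdr + b"\0" * (data_off - len(hdr)) + body)


if __name__ == "__main__":
    # Stock UPX layout: UPX0 is an empty placeholder, UPX1 holds the compressed body.
    packed = build_fake_pe([(b"UPX0", b""), (b"UPX1", bytes(range(256)) * 4), (b".rsrc", b"\0" * 512)])
    print(looks_upx_packed(packed))
```

The section-name check alone is what a trivial rename of the packer defeats; the entropy check is the one worth keeping, with the caveat that any compressed resource or embedded archive also scores high, so treat it as a prompt to unpack and look, not as a verdict.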

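Several of the behavioural verdicts in the list (Run key persistence, the Explorer hidden-file settings, the registry country-code lookup, SetThreadContext) can be re-derived from an API trace. The following is an added example, not tria.ge's signature engine: it scans a constructed, simplified trace of registry and process API calls. The registry paths it matches (HKCU\...\CurrentVersion\Run, HKCU\...\Explorer\Advanced\Hidden and ShowSuperHidden, HKCU\Control Panel\International\Geo\Nation) and the five-call process-hollowing sequence are assumptions based on well-known Windows artefacts, not something the report states; the hollowing chain goes beyond the report's single SetThreadContext signature by requiring a CREATE_SUSPENDED process first.

```python
import re

# Constructed sample trace; values are illustrative, not taken from the sample.
SAMPLE_TRACE = [
    {"api": "RegQueryValueExW", "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"api": "RegSetValueExW", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", "value": 2},
    {"api": "RegSetValueExW", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", "value": 0},
    {"api": "RegSetValueExW", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater", "value": r"C:\Users\Public\update.exe"},
    {"api": "CreateProcessW", "path": r"C:\Windows\System32\svchost.exe", "flags": 0x4},
    {"api": "NtUnmapViewOfSection", "target_pid": 2048},
    {"api": "WriteProcessMemory", "target_pid": 2048},
    {"api": "SetThreadContext", "target_pid": 2048},
    {"api": "ResumeThread", "target_pid": 2048},
]

# Assumed artefact paths (well-known Windows locations, not quoted from the report).
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)
EXPLORER_HIDDEN = re.compile(r"\\Explorer\\Advanced\\(Hidden|ShowSuperHidden)$", re.IGNORECASE)
GEO_NATION = re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.IGNORECASE)
CREATE_SUSPENDED = 0x00000004

# Classic hollowing order: suspended child, unmap its image, write a new one,
# repoint the entry thread, resume. Matched as an in-order subsequence.
HOLLOWING_CHAIN = ("CreateProcessW", "NtUnmapViewOfSection", "WriteProcessMemory",
                   "SetThreadContext", "ResumeThread")


def scan_trace(trace) -> list:
    """Return the sorted list of verdicts the trace triggers."""
    hits = set()
    stage = 0
    for ev in trace:
        api, path = ev["api"], ev.get("path", "")
        if api.startswith("RegSetValueEx"):
            if RUN_KEY.search(path):
                hits.add("Adds Run key to start application")
            if EXPLORER_HIDDEN.search(path):
                hits.add("Modifies visibility of hidden/system files in Explorer")
        elif api.startswith("RegQueryValueEx") and GEO_NATION.search(path):
            hits.add("Checks computer location settings")
        if api == "SetThreadContext":
            hits.add("Suspicious use of SetThreadContext")
        # Advance the hollowing state machine; the first step must be a suspended create.
        if stage < len(HOLLOWING_CHAIN) and api == HOLLOWING_CHAIN[stage]:
            if api != "CreateProcessW" or ev.get("flags", 0) & CREATE_SUSPENDED:
                stage += 1
        if stage == len(HOLLOWING_CHAIN):
            hits.add("Process hollowing call sequence")
    return sorted(hits)


if __name__ == "__main__":
    for verdict in scan_trace(SAMPLE_TRACE):
        print(verdict)
```

The Geo\Nation read by itself is weak evidence (installers and locale-aware software read it too); it is the combination with a later exit or a divergent code path that makes it a geofence, which is why the report hedges with "likely". The Explorer Hidden and ShowSuperHidden writes are the opposite: legitimate software almost never flips them, and here they pair naturally with the desktop.ini drops to keep dropped files out of sight.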
MITRE ATT&CK Enterprise v6

Tasks