General

  • Target

    cab3c86eb20e3d67da897032e3415576e59af7f95b570a554ad44a5d8160930a

  • Size

    687KB

  • Sample

    220919-dx1mjaebf3

  • MD5

    55518a860fc98bc805c6e295c21b07cb

  • SHA1

    d019b7c7f1862641fd75ca0e22129eedabb58389

  • SHA256

    cab3c86eb20e3d67da897032e3415576e59af7f95b570a554ad44a5d8160930a

  • SHA512

    bb7c86ad66075bf494b7665e70856131cb229fa77b0de1bf99079f6f81084b01ee0fb293fd7f210dff4c2f7300a36cf76ad0b52ce3c5811ad5ce52105fb139bd

  • SSDEEP

    12288:dZjMLf11MmPQeRXEHYYS3gA0FJO1t3r6QcGuA:dafIiy4NwdLpQr

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
