Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

51e0e36b15...bd.exe

windows7-x64

10

51e0e36b15...bd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51e0e36b1563df4d3b467e627292231726f0f8d1a7ccecbf9cc42e971f4c12bd

  • Size

    156KB

  • Sample

    220919-mfmh1sgedj

  • MD5

    9760dcb81fdb189b7499580baac6af34

  • SHA1

    8ee4a71afa156ee6dfe3f01a6b6b8d5968f40f6b

  • SHA256

    51e0e36b1563df4d3b467e627292231726f0f8d1a7ccecbf9cc42e971f4c12bd

  • SHA512

    3252e06b52f112f1b20657c18a51906e2708520d4527f24fa81f5b7055dd160b70256f936beb472623c397f983dec75a273c29182850b6ae6c9f19c7bec68a2e

  • SSDEEP

    3072:3sT0tVcx8jeFvB0Z/I8xSFJKxr2CrILdbdN:8xIcvqVuJyr2CMLxd

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      51e0e36b1563df4d3b467e627292231726f0f8d1a7ccecbf9cc42e971f4c12bd

    • Size

      156KB

    • MD5

      9760dcb81fdb189b7499580baac6af34

    • SHA1

      8ee4a71afa156ee6dfe3f01a6b6b8d5968f40f6b

    • SHA256

      51e0e36b1563df4d3b467e627292231726f0f8d1a7ccecbf9cc42e971f4c12bd

    • SHA512

      3252e06b52f112f1b20657c18a51906e2708520d4527f24fa81f5b7055dd160b70256f936beb472623c397f983dec75a273c29182850b6ae6c9f19c7bec68a2e

    • SSDEEP

      3072:3sT0tVcx8jeFvB0Z/I8xSFJKxr2CrILdbdN:8xIcvqVuJyr2CMLxd

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks