Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6e4a45255a...5c.exe

windows7-x64

8

6e4a45255a...5c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6e4a45255ae77dca91105fb246d84d1307536c3f2136d181bb3c4cfeb413455c

  • Size

    456KB

  • Sample

    220919-t6a18sghf3

  • MD5

    43d54b1ee6a8e654ad35a0dc5471346f

  • SHA1

    0bf76858f7f6ea5c9c90d5ff719a00ba781dcbea

  • SHA256

    6e4a45255ae77dca91105fb246d84d1307536c3f2136d181bb3c4cfeb413455c

  • SHA512

    471f6d460f79f7c8e4757943a734bf5088f74b66cc2a5580fe8442fc799672a94516decc38fa4c3e2f32b15270ee2e5a872ab43d463d47fc94ee0b2acdb1137f

  • SSDEEP

    6144:76YajbofxCvKRRtylG8OlsqyC1DdyStlXp9pNYZ3Ls+UcSKme9dDfpWJusWfV/RH:dWbOlsqyCJttlXdKs/cSuqlO

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      6e4a45255ae77dca91105fb246d84d1307536c3f2136d181bb3c4cfeb413455c

    • Size

      456KB

    • MD5

      43d54b1ee6a8e654ad35a0dc5471346f

    • SHA1

      0bf76858f7f6ea5c9c90d5ff719a00ba781dcbea

    • SHA256

      6e4a45255ae77dca91105fb246d84d1307536c3f2136d181bb3c4cfeb413455c

    • SHA512

      471f6d460f79f7c8e4757943a734bf5088f74b66cc2a5580fe8442fc799672a94516decc38fa4c3e2f32b15270ee2e5a872ab43d463d47fc94ee0b2acdb1137f

    • SSDEEP

      6144:76YajbofxCvKRRtylG8OlsqyC1DdyStlXp9pNYZ3Ls+UcSKme9dDfpWJusWfV/RH:dWbOlsqyCJttlXdKs/cSuqlO

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks