General

  • Target

    990131b2a5001c90431569f5aa44b8fbc4860bd8640645c8842c5bcf61ea2a40

  • Size

    399KB

  • Sample

    220919-tcx9nsffa9

  • MD5

    fcd741cfc67a456ea3ab81d9919ae5fd

  • SHA1

    265e7e07cdf5f4ac9bbd14750d854c9038ad3ac5

  • SHA256

    990131b2a5001c90431569f5aa44b8fbc4860bd8640645c8842c5bcf61ea2a40

  • SHA512

    b98a7dbfe4b3bc900d292f215756b4db61e8a2e774f63bb255956d9989a8d55d6d900fe5d8727e4f4f265f0de761795ff622bb108dd0cb814ecbf46d5fea0063

  • SSDEEP

    6144:BBgh/58KGip9lmh0UwwDdxtPw13OyhFR8uHwqVGfOjB3RDnVh7WQ:BBMmKGnhDT+JlCIXRDnfWQ

Score
8/10

Targets

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
