Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

8

c26f391d9e...c3.exe

windows7-x64

9

c26f391d9e...c3.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c26f391d9ecdf9399637a7f4d3a443404167bb2623ed0273cbe7ba05d90ddfc3

  • Size

    28KB

  • Sample

    220919-w1nq9agbbj

  • MD5

    b5ab26bfcdb6593eadb70c5d56a42a99

  • SHA1

    2ce2ca038845e7ad785e2be5998345509d7e7495

  • SHA256

    c26f391d9ecdf9399637a7f4d3a443404167bb2623ed0273cbe7ba05d90ddfc3

  • SHA512

    9376921244b8ea367b87b0b254071f0845d3e7b9236582ce13d8ba451f383569f40c7a8579301e5d36e3a19eeff4b8a2839846171f2cb8d7c67f1e96d0215666

  • SSDEEP

    768:kKTgr5vJB45jYJyVhfpd++pCeS/TKvYm8gld7Ff:k8yvn45ZD3pCzTKB/Bf

Score
9/10
upx

Malware Config

Targets

    • Target

      c26f391d9ecdf9399637a7f4d3a443404167bb2623ed0273cbe7ba05d90ddfc3

    • Size

      28KB

    • MD5

      b5ab26bfcdb6593eadb70c5d56a42a99

    • SHA1

      2ce2ca038845e7ad785e2be5998345509d7e7495

    • SHA256

      c26f391d9ecdf9399637a7f4d3a443404167bb2623ed0273cbe7ba05d90ddfc3

    • SHA512

      9376921244b8ea367b87b0b254071f0845d3e7b9236582ce13d8ba451f383569f40c7a8579301e5d36e3a19eeff4b8a2839846171f2cb8d7c67f1e96d0215666

    • SSDEEP

      768:kKTgr5vJB45jYJyVhfpd++pCeS/TKvYm8gld7Ff:k8yvn45ZD3pCzTKB/Bf

    Score
    9/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks