Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c

  • Size

    460KB

  • Sample

    221002-apq7caegfm

  • MD5

    59e5709610450cd0910d414a37f0c004

  • SHA1

    de8d36bfc5c392f62a6b6019b0607ff3b8408dbf

  • SHA256

    23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c

  • SHA512

    7d689f3edbaccc4087c2f33279a5fa956ae9d9c5b35d17c5f0475decd951097d627276661f8048a12cb0b62304fc79e268102a44768b2506595ddf39e458b2eb

  • SSDEEP

    12288:zlSt6oIHNOhU5O5TYo4XqTig5GSR9CClDDL:zlSt69HNx6T/5xT

Score
10/10

Malware Config

Targets

    • Target

      23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c

    • Size

      460KB

    • MD5

      59e5709610450cd0910d414a37f0c004

    • SHA1

      de8d36bfc5c392f62a6b6019b0607ff3b8408dbf

    • SHA256

      23fab8e73a76e15208fd9b6085c56f8340c1b2e1879b6676c06314d1781f2b4c

    • SHA512

      7d689f3edbaccc4087c2f33279a5fa956ae9d9c5b35d17c5f0475decd951097d627276661f8048a12cb0b62304fc79e268102a44768b2506595ddf39e458b2eb

    • SSDEEP

      12288:zlSt6oIHNOhU5O5TYo4XqTig5GSR9CClDDL:zlSt69HNx6T/5xT

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks