General

  • Target

    1d84e8f21ed6460ddd8a69811d481eed48d27c5dc934c63d22f5f6d8167c130b

  • Size

    646KB

  • Sample

    221002-tf15qsfbap

  • MD5

    016cc5c921eb0d1101395025d7c0c505

  • SHA1

    98b47c84aea06e1443c396eb1b7d33e331ca6749

  • SHA256

    1d84e8f21ed6460ddd8a69811d481eed48d27c5dc934c63d22f5f6d8167c130b

  • SHA512

    31d4bdba2d2ca5c7ba12b8e4db1c9d8ba9bb4ce600aa1c84968f85186f0b44eea74f7c606e620f70137498c9f018102094a8f216eb9bb18b1040064a085aec5c

  • SSDEEP

    12288:k/dr9yql7Xa+mO0FKUDTtMi1NzW/DaRMvNXx265syu4MrZ:kl8qNKyUdMONUzeosyu4M

Score
10/10

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks