General

  • Target

    7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e

  • Size

    1.0MB

  • Sample

    221003-19hntaaab4

  • MD5

    6575b134dd7b050d597ef0475d0e1585

  • SHA1

    6fbc76429ccbbf9dbdee4c86b1d61f612e70f60e

  • SHA256

    7d83d737bae2597faf8f2ea8347e0c730a66a2049ef4bf2d7852488a34eaf17e

  • SHA512

    8628530230d14ad428d0c28bfd0e9363858c44b95a614127e7a57c284c605be19e7e6d0a5b4b5ccfdad5135f670507b23238d507c0e4e05891d05dd0e9de3014

  • SSDEEP

    24576:MQCMf3oQlibOIQxiZY1Oa7RlOoIT40sAZw8Ts:UMPoQlATFZY1Oa7Rl+e

Score
8/10

Targets

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
