General

  • Target

    47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9

  • Size

    629KB

  • Sample

    221003-d7bq6afhdp

  • MD5

    450060ccd8b9d7d412c94d95633543e1

  • SHA1

    7e1c2de473b6d376799651f14280f4f8ad3ce8fb

  • SHA256

    47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9

  • SHA512

    4603f28974a45fe05d9df6c1e98a9ab48f0d6a012c1c842bc2535878609f988f20273b5d5de52216d177daf27c7282822eafcfa1780168d2bf0fe27767edd41b

  • SSDEEP

    12288:2N+LbOurqW8AuLexBtRDgNCrrxHeGCcOHO:FOurqW8AuL8fD4CrrsGCcaO

Score
8/10

Targets

    • Target

      47857977c75e866d76bd0bfc27d9c46f73376be05c01199b48c105919d4c8ff9

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext
