General

  • Target

    61a01560ab72e858b18b1f875728063836c29a21df52dbb8f9f270a3e8caa236

  • Size

    1.2MB

  • Sample

    221003-rvs2kabaf6

  • MD5

    617b022e71a5d40ebdbe5ed9507f028d

  • SHA1

    6bbacfabd060d5b75fcc5169ccde812bd50cf762

  • SHA256

    61a01560ab72e858b18b1f875728063836c29a21df52dbb8f9f270a3e8caa236

  • SHA512

    778f4a0793ff13acec4f9f415df4f0a1c17268af002f923c41c679ab250ef18f2626921f67c5d473e2c3e57f26428be5d6c6fae43be20b712ee26b6e75f1b5c2

  • SSDEEP

    24576:ynL83cUxIysopjz8WaSzjq6e9gZoXcYpYc8EigfhmYo1ISI4IBjhD:I4cUcU8k+6nZmYcFjfhmYmnIBjt

Score
8/10

Targets

    • Target

      61a01560ab72e858b18b1f875728063836c29a21df52dbb8f9f270a3e8caa236

    Score
    8/10
    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
