Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

09099d9690...1a.exe

windows7-x64

8

09099d9690...1a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    09099d9690d6e1fd353716175c33fc8840e71403928e4f59e1525b6c2bcfaf1a

  • Size

    535KB

  • Sample

    221003-sn7rtacdg8

  • MD5

    6cfc2c513d965e191ee0f6cc5380f633

  • SHA1

    ffce1a122092a81970ddd657ead6b40fe1af5f89

  • SHA256

    09099d9690d6e1fd353716175c33fc8840e71403928e4f59e1525b6c2bcfaf1a

  • SHA512

    4a7f50ba6ebb89a5f8990c262a1a3028747900ec4edf120c54b49f90a729b57051c4f451f2e2d6edd39642fb443f0d9dae950245acd5df85b1d8b36c43859032

  • SSDEEP

    6144:/MSGDR10FgQV7sssO8hGDJkhpe1pq5yLheAn+KiNgiJlRfcln/kK/4ZP7xYh:a0n7ss66wpyKyL93+Jaln/kK/49lm

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      09099d9690d6e1fd353716175c33fc8840e71403928e4f59e1525b6c2bcfaf1a

    • Size

      535KB

    • MD5

      6cfc2c513d965e191ee0f6cc5380f633

    • SHA1

      ffce1a122092a81970ddd657ead6b40fe1af5f89

    • SHA256

      09099d9690d6e1fd353716175c33fc8840e71403928e4f59e1525b6c2bcfaf1a

    • SHA512

      4a7f50ba6ebb89a5f8990c262a1a3028747900ec4edf120c54b49f90a729b57051c4f451f2e2d6edd39642fb443f0d9dae950245acd5df85b1d8b36c43859032

    • SSDEEP

      6144:/MSGDR10FgQV7sssO8hGDJkhpe1pq5yLheAn+KiNgiJlRfcln/kK/4ZP7xYh:a0n7ss66wpyKyL93+Jaln/kK/49lm

    Score
    8/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks