General

  • Target

    b.exe

  • Size

    1.9MB

  • Sample

    221007-g92l5sbgc6

  • MD5

    f6ed15763205da5fc35bc6af8ad1f000

  • SHA1

    e95b9750d5323fe4b0a3949945590ebb0de149bf

  • SHA256

    b7fc68653c4d32be7f3180abb0cffdfcb61c796adaa18ac4d58062bae83aaefa

  • SHA512

    ca6d9f3f0956bf03b917d9c45c881a4672e6553eb5dd7de22ddb4a61fd9d5b7bab04cd5efa9693561e3c327bb31045f475fd78bb6af08ed8cbf620260a720b25

  • SSDEEP

    24576:z7FUDowAyrTVE3U5FmdpDAI4oafbLHGE5x7awFhJdNo69lOy7KTijlN:zBuZrEUwD+oafv55DdN7POGjr

Score
8/10

Targets

    • Target

      b.exe

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
