Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

154e5fa345...c2.exe

windows7-x64

8

154e5fa345...c2.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    154e5fa34521e9bfe276848f77a8be1cd0a751aa5a0e26f04cddaa14963e28c2

  • Size

    132KB

  • Sample

    221011-j72kgaeadl

  • MD5

    789a7c1914f703c8343b8ece91c3a830

  • SHA1

    fc5e2b8079f7a340d437a00652edce1ef851bfae

  • SHA256

    154e5fa34521e9bfe276848f77a8be1cd0a751aa5a0e26f04cddaa14963e28c2

  • SHA512

    f4b4f99be9c3e0fd4d59152b4622f3b80eb51419bf1a8870f643155eda6a7fad4160c1a1bbc1fa615669601f22f4983cbe3a58d15ff9d099d506c65d0e945627

  • SSDEEP

    1536:wURjsYDtXptH5NwCes0GUEQZwaKH3xm4KZtLsi4mJMo6C:zfx0FKqubP

Score
8/10
persistence

Malware Config

Targets

    • Target

      154e5fa34521e9bfe276848f77a8be1cd0a751aa5a0e26f04cddaa14963e28c2

    • Size

      132KB

    • MD5

      789a7c1914f703c8343b8ece91c3a830

    • SHA1

      fc5e2b8079f7a340d437a00652edce1ef851bfae

    • SHA256

      154e5fa34521e9bfe276848f77a8be1cd0a751aa5a0e26f04cddaa14963e28c2

    • SHA512

      f4b4f99be9c3e0fd4d59152b4622f3b80eb51419bf1a8870f643155eda6a7fad4160c1a1bbc1fa615669601f22f4983cbe3a58d15ff9d099d506c65d0e945627

    • SSDEEP

      1536:wURjsYDtXptH5NwCes0GUEQZwaKH3xm4KZtLsi4mJMo6C:zfx0FKqubP

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks