Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

f50e655ae9...97.exe

windows7-x64

8

f50e655ae9...97.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f50e655ae92bbb753e145cbb905a985db854cafd4af7b60a30ca88010f912797

  • Size

    341KB

  • Sample

    221011-np3r2acde9

  • MD5

    6cadb955f78ae587d525ee714fc431d0

  • SHA1

    23be952782126ed5f9a26223e1fba8dc5a5fda30

  • SHA256

    f50e655ae92bbb753e145cbb905a985db854cafd4af7b60a30ca88010f912797

  • SHA512

    a3b1f64e1e4ae391eff08d5edd94e47dd3b8e60819819a102e8a06bc7baa4a86e55cd0c00b113b780d65abe9a86b4301048295b6352c73d972b16e5ba9aff515

  • SSDEEP

    3072:/BI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikm6bm:/K5ArKjbAxXSaegUqGeGpBohMb

Score
8/10
persistence

Malware Config

Targets

    • Target

      f50e655ae92bbb753e145cbb905a985db854cafd4af7b60a30ca88010f912797

    • Size

      341KB

    • MD5

      6cadb955f78ae587d525ee714fc431d0

    • SHA1

      23be952782126ed5f9a26223e1fba8dc5a5fda30

    • SHA256

      f50e655ae92bbb753e145cbb905a985db854cafd4af7b60a30ca88010f912797

    • SHA512

      a3b1f64e1e4ae391eff08d5edd94e47dd3b8e60819819a102e8a06bc7baa4a86e55cd0c00b113b780d65abe9a86b4301048295b6352c73d972b16e5ba9aff515

    • SSDEEP

      3072:/BI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikm6bm:/K5ArKjbAxXSaegUqGeGpBohMb

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks