Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

47e6caf4da...fe.exe

windows7-x64

8

47e6caf4da...fe.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    47e6caf4da828a99ee6772fc3a3905e984e72374194f330010dc93f67fcce6fe

  • Size

    104KB

  • Sample

    221011-thh2yacha5

  • MD5

    10031182705b3d864db88ccbd1191ca7

  • SHA1

    2e8626da1bb8e5a57198a324196fbd64880dc124

  • SHA256

    47e6caf4da828a99ee6772fc3a3905e984e72374194f330010dc93f67fcce6fe

  • SHA512

    fb9768b14bdf6bd65550f9f3ba97ce0cce3c1ec6323cd00ae309b502302141c6269778eaf3edef31e9c9392fc24d76aa453e9d40326c981a35ce1acb9c5ecb12

  • SSDEEP

    3072:uetDOSpgJremwXSAvNdH1w4IqeolDHXOMxiU:2Spgxem/4NbTIq9D3Vxi

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      47e6caf4da828a99ee6772fc3a3905e984e72374194f330010dc93f67fcce6fe

    • Size

      104KB

    • MD5

      10031182705b3d864db88ccbd1191ca7

    • SHA1

      2e8626da1bb8e5a57198a324196fbd64880dc124

    • SHA256

      47e6caf4da828a99ee6772fc3a3905e984e72374194f330010dc93f67fcce6fe

    • SHA512

      fb9768b14bdf6bd65550f9f3ba97ce0cce3c1ec6323cd00ae309b502302141c6269778eaf3edef31e9c9392fc24d76aa453e9d40326c981a35ce1acb9c5ecb12

    • SSDEEP

      3072:uetDOSpgJremwXSAvNdH1w4IqeolDHXOMxiU:2Spgxem/4NbTIq9D3Vxi

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks