Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

robolab 25...ad.exe

windows7-x64

robolab 25...ad.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    58580d20b86b5beb31d51950f39db8af167af816e55a6bff1c2af3c789c365cb

  • Size

    212KB

  • Sample

    221011-ymr8mabhb4

  • MD5

    a0ff505a4d49f64f066efd8465336523

  • SHA1

    7aced023eb7d73e1bca112ae12e0ce2c2ef6d009

  • SHA256

    58580d20b86b5beb31d51950f39db8af167af816e55a6bff1c2af3c789c365cb

  • SHA512

    057d9561c2c5129832ac657ae992fc2ba38581e9368ee01a0618ad8b16726067a61496c40b94d1e5d63940592463bba6d414b3988ab5284c39b32997e5958edd

  • SSDEEP

    3072:3tXMeQnrm2CxD6O6EdRq/nJfYGe1XjxzCKeqQkIFVxqVF7QRfO4016tlvXWAF+WV:1MeE7DvEd3GQxzWkIvxqVF8xO5oHmAT

Score
8/10

Malware Config

Targets

    • Target

      robolab 254download.exe

    • Size

      508KB

    • MD5

      b248db34834905d6746d68f8bb089652

    • SHA1

      0a57b032cd1db4b5402e0e86cf137517e1a55bd0

    • SHA256

      7651724fa0ea3b15512b456411ce01bf6adfdc1bff62210b8ca61be6a16c0775

    • SHA512

      54ca3c6f76fc5db37374b7038f29dd45a6c74c5f79bbcd7e3e8d2187d36f6bcf18a3f15a7b9a198fc696ea90a283ebff0b4deb609e6566a6448f72d086a8227c

    • SSDEEP

      12288:VEGXEze2ysmqRqFUvK2ySI8d+jb1pg85GG+3L2FqBz/:VSysL5Tyw4jbM+GP36Fqt

    Score
    8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks