General

  • Target

    e28c808249be660a3e44ed9990d4925e7acb4425fb7fc9f33b229f96632eb5ce

  • Size

    143KB

  • Sample

    221011-zezs6sdde5

  • MD5

    7c77a2430ceaba2169cd64d97cbfa5f0

  • SHA1

    5f07d401e14df2b3be43451399c70f20c73a90c7

  • SHA256

    e28c808249be660a3e44ed9990d4925e7acb4425fb7fc9f33b229f96632eb5ce

  • SHA512

    3c38444d618651ecbf4b7fbd6c811dbf43675884c165365634cfe6c99b10f26437823e1ace529f7c3fe67fd0d61ece94a06e97fa359fae4355210b1b6a06d40e

  • SSDEEP

    3072:QAoOaoFxBJqHwCA0gdPjDhLTmFBD1Oolf/ms3A0+ott:8OaSw10RaDVlf34or

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
