General

  • Target

    80690178a97a99e54eeb310d1f9b7dd97aaabcd2d4bb7e459464c51ecfaf47e8

  • Size

    2.7MB

  • Sample

    221015-1vgg7sgdh2

  • MD5

    ddbfa546fe1b1e1e0f7115fa96f0e3a8

  • SHA1

    3f7561631e53acbe00779fa0542b79c8ce1b3f8b

  • SHA256

    80690178a97a99e54eeb310d1f9b7dd97aaabcd2d4bb7e459464c51ecfaf47e8

  • SHA512

    7f97ff49f647755aa372ca6c43a6514ffc8f20539ef828be3a9f769ab6727cc822a0fd82b89bf6800468671c214d2a729c799431f026b3730436d1be541ea004

  • SSDEEP

    49152:ON26FOnzGn6LJvqkwnpC+mWd6uIcc9fJIluAGzdlz+mdUHZxs8GPX:O06FOznLo0+Dd6uxc9xIwCZxDGPX

Score
8/10

Targets

    • Target

      80690178a97a99e54eeb310d1f9b7dd97aaabcd2d4bb7e459464c51ecfaf47e8

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
