Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

577cc571f5...4f.exe

windows7-x64

10

577cc571f5...4f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    577cc571f5ca8f1125dcacd9110f4e7da90e881d469533740943438fe256334f

  • Size

    156KB

  • Sample

    221021-ebn72sagb2

  • MD5

    70cc302775a0be9657249afebecdaed0

  • SHA1

    67b4538de25649f6788af8ff48a6bde5fbec7fe4

  • SHA256

    577cc571f5ca8f1125dcacd9110f4e7da90e881d469533740943438fe256334f

  • SHA512

    a51fc3f373f5f57bde7d522c824d7d73cb2d8f7b78b27a65e18e80fe18334d27a35e40f55c5096362d6cca6c79ec81981a20236e0ebf3e1d205253a08f96c326

  • SSDEEP

    3072:VKzwSpGbGb6JUBGnvZHpXtNLdZkkVYaZvLStH/h7yc2dK2E5j4oQlR:w8jbGb6JaGnvZZtNLdZkRapLmH8c2dCd

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      577cc571f5ca8f1125dcacd9110f4e7da90e881d469533740943438fe256334f

    • Size

      156KB

    • MD5

      70cc302775a0be9657249afebecdaed0

    • SHA1

      67b4538de25649f6788af8ff48a6bde5fbec7fe4

    • SHA256

      577cc571f5ca8f1125dcacd9110f4e7da90e881d469533740943438fe256334f

    • SHA512

      a51fc3f373f5f57bde7d522c824d7d73cb2d8f7b78b27a65e18e80fe18334d27a35e40f55c5096362d6cca6c79ec81981a20236e0ebf3e1d205253a08f96c326

    • SSDEEP

      3072:VKzwSpGbGb6JUBGnvZHpXtNLdZkkVYaZvLStH/h7yc2dK2E5j4oQlR:w8jbGb6JaGnvZZtNLdZkRapLmH8c2dCd

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks