General

  • Target

    a4c18f72f80949c26e154dce20c5acd9891fc1c89891060c69486ceadd1a75b9

  • Size

    484KB

  • Sample

    221021-fe7dgacedn

  • MD5

    656edb8f3d3b124a7c28a70b39d67179

  • SHA1

    b8382b930a3be717d2c371e4c0c00e2bf6f08c01

  • SHA256

    a4c18f72f80949c26e154dce20c5acd9891fc1c89891060c69486ceadd1a75b9

  • SHA512

    6b6f22d2adb9733453dc032a614d44fcaa2fd9d567b57d686ce90fe6f78a733e2276df38683bd5ee14ac6ab6dd98309cafd7bb5dde838674e181d6d1e8b8be26

  • SSDEEP

    12288:RoUld/f2I9JECdYW4/e4Pii15XZSAmKjlafbdDNUQ:h92ILECd0R15XZS3QafpDNUQ

Score
10/10

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
