Resubmissions

25/10/2022, 08:28

221025-kc4l1scac4 5

25/10/2022, 08:07

221025-jzze5scabj 10

General

  • Target

    8237036400.zip

  • Size

    137KB

  • Sample

    221025-jzze5scabj

  • MD5

    fd4ca747dd49b75366b0df7358262c33

  • SHA1

    18e801a7a742b30073dbe717f797e225462537a0

  • SHA256

    6b375dbe5a71358422e1f667e00b4c9180d657799b8f4940eefc8d14653b536a

  • SHA512

    8bc04b536aca7ef6a4bed1596c1947a07a44e24ff522a337ad6776a3b796a7093820a6fb454b68b6299f3236754e35cfc1839eb75be3cd8827e4368f3b4955cd

  • SSDEEP

    3072:RxHXaBqXNj/l7Uss1lz4Vtp88R9pBQ2n/PhaRXTYc4rUy1T:RJoqnZaq8uBt/PETYPrUAT

Score
10/10

Targets

    • Target

      45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50

    • Size

      143KB

    • MD5

      f769f67681707e8f69ecdf9e62fb944c

    • SHA1

      c5f6a48fa52a279e1f3424b97662b479716229af

    • SHA256

      45f293b1b5a4aaec48ac943696302bac9c893867f1fc282e85ed8341dd2f0f50

    • SHA512

      779caa9c7efac57edc6078d212b04a930d66fa10b50967bb1b9131c9e240f40f09e6f81812583770e7ffac51d7d0e23b57e20e6a7719d73ab2f1673cb17943a9

    • SSDEEP

      3072:2e3HSOTf6Mqfb041n8Vj9SmUNRzw16vDhLfByVBZsqnCVL:2eiObpS1nY9fqzjvDZoDsqngL

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application
