General

  • Target

    80c4295d0116b0862ac0e56a8331be3c.exe

  • Size

    837KB

  • Sample

    221027-kap1vabec9

  • MD5

    80c4295d0116b0862ac0e56a8331be3c

  • SHA1

    f3186c21cf7f4fd73b455c83949b7bf05bd4cd17

  • SHA256

    cd71732fc0073cf2dd0af243f6b10b3ec0d2cd19e9ba6b2e7e9b82d08f313a7d

  • SHA512

    cdecee2d70d07c8f51231fd98b932eb8acac5ba8200802943aef36ff4c6e0e0d22934acaa102aa7fa4be66bd7444ecf07214a9399ae07b23a5881653b5aa0a08

  • SSDEEP

    6144:XIRmE/X7jGO8QdFKNEvLtRr0NSYb4Tb7+6sh3ElQ+fu5mbw9H9TH2v4ZEOg3qRqe:knJTzdbath35584mOAqk3+o8O8oo

Score
8/10

Targets

    • Target

      80c4295d0116b0862ac0e56a8331be3c.exe

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
