General

  • Target

    b61113a101264a182627e3289814af4e2b8dcf894bc33b79bcfa2a4b4030ca43

  • Size

    228KB

  • Sample

    221029-31amysdcan

  • MD5

    93f30abf52bf32ebf0501735cdc671d5

  • SHA1

    1ad956da1a1b999901c50ace9f8025ffc5a18c02

  • SHA256

    b61113a101264a182627e3289814af4e2b8dcf894bc33b79bcfa2a4b4030ca43

  • SHA512

    20c89e7df16bd0c8437363aa5735034dd83051a17f218b127a5d332662fcdf431fd592c07e867c67019cdb65023fb58ef506c7088b0f982514de24c342e95539

  • SSDEEP

    3072:afC3KOFCsv/CL0ns7bFtRdVWCyiHCN1ps7:v3RIsi1HFj/WCyiHCNfs

Score
10/10

Malware Config

Targets

    • Target

      b61113a101264a182627e3289814af4e2b8dcf894bc33b79bcfa2a4b4030ca43

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks