Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

Shade UA/ShadeUA.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Shade_UA.zip

  • Size

    8.3MB

  • Sample

    221103-z58h1afce6

  • MD5

    5f61fb849414de4863ed6115e3e26780

  • SHA1

    5ad62b0bae6504e8eeaf13d9512ac156f50554e1

  • SHA256

    21398a701e53f8379cc95a0acf2f648dfdff9f8557c42a8397242c6cd804a57a

  • SHA512

    b57a0b60edc592404570769b3d802a66702a6da8a0ba536d93357a077bb3850c6d0d5634b96fdc8589cc608c641a7d7ca64913ecdcdf5ee8b23c3545584854f0

  • SSDEEP

    196608:w9TjuAcsDBhlucbbqolzvsc7k+UJNxtj8CEqqaa:w9TjuAc0qoJhUXnYCih

Score
7/10

Malware Config

Targets

    • Target

      Shade UA/ShadeUA.exe

    • Size

      8.3MB

    • MD5

      cd8ccfd9005253635e6758436a5379ec

    • SHA1

      57108d2514d72af2d3202b29bf047d61cae36c61

    • SHA256

      5f342f1acf20d3ae47125c126a5361c202988a8e753b7b9d4d57967808637361

    • SHA512

      880b26589c36c930c8072034c4b1e190d7adba6a1e1948ccb3d65f8c779a1a2c5e0fe49b0d56d5274790de5763d719ecac979fb9bbc9a18b58d6b22d1760584d

    • SSDEEP

      196608:i9TjuAcsDBhlucbbqolzvsc7k+UJNxtj8CEqqa:i9TjuAc0qoJhUXnYCi

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks