Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

89caaf48d9...9f.exe

windows7-x64

10

89caaf48d9...9f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89caaf48d98052efd16194c60017beac31946b906aa29a564a96b9af5b5b189f

  • Size

    334KB

  • Sample

    221106-qc1s1seheq

  • MD5

    0efd3a0125f336e49c14d2a87dc22802

  • SHA1

    05339ba9a1c955e176ae52deb35f72df10b7803f

  • SHA256

    89caaf48d98052efd16194c60017beac31946b906aa29a564a96b9af5b5b189f

  • SHA512

    879ad312a299123556f5b6e254223c85b6e321f52c08aed4c9a1f9470314d22e25a68c983d57fa4019f4f78350ad194569bdf39dfa76f1779751d1b5d9f1810d

  • SSDEEP

    6144:gDCwfG1bnxG8M58+DCwfG1bnxG8M58FqvA:g72bnI55X72bnI55cqvA

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      89caaf48d98052efd16194c60017beac31946b906aa29a564a96b9af5b5b189f

    • Size

      334KB

    • MD5

      0efd3a0125f336e49c14d2a87dc22802

    • SHA1

      05339ba9a1c955e176ae52deb35f72df10b7803f

    • SHA256

      89caaf48d98052efd16194c60017beac31946b906aa29a564a96b9af5b5b189f

    • SHA512

      879ad312a299123556f5b6e254223c85b6e321f52c08aed4c9a1f9470314d22e25a68c983d57fa4019f4f78350ad194569bdf39dfa76f1779751d1b5d9f1810d

    • SSDEEP

      6144:gDCwfG1bnxG8M58+DCwfG1bnxG8M58FqvA:g72bnI55X72bnI55cqvA

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks