Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

74d065cb68...06.exe

windows7-x64

10

74d065cb68...06.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    74d065cb68f2227f628d1c0fe32fa6169742b30e31cd6e590c04ec4f6bdbaa06

  • Size

    184KB

  • Sample

    221106-qddd4scgc3

  • MD5

    0d3cdfe1e28e154dd45e5352c7ee4c4b

  • SHA1

    544caea70a385753381554a299924960fc77b668

  • SHA256

    74d065cb68f2227f628d1c0fe32fa6169742b30e31cd6e590c04ec4f6bdbaa06

  • SHA512

    026712e5fcda55f89acb2d900d070e7eb02f54f47bfa95a7e53f3c7091bb12af1467820879137da6167bcd60495615f9b263691bad5154de8ff53c6c1a297b85

  • SSDEEP

    3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DELU31fIcPh3GFtD:gDCwfG1bnxLED24tD

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      74d065cb68f2227f628d1c0fe32fa6169742b30e31cd6e590c04ec4f6bdbaa06

    • Size

      184KB

    • MD5

      0d3cdfe1e28e154dd45e5352c7ee4c4b

    • SHA1

      544caea70a385753381554a299924960fc77b668

    • SHA256

      74d065cb68f2227f628d1c0fe32fa6169742b30e31cd6e590c04ec4f6bdbaa06

    • SHA512

      026712e5fcda55f89acb2d900d070e7eb02f54f47bfa95a7e53f3c7091bb12af1467820879137da6167bcd60495615f9b263691bad5154de8ff53c6c1a297b85

    • SSDEEP

      3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DELU31fIcPh3GFtD:gDCwfG1bnxLED24tD

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks