General

  • Target

    8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae

  • Size

    323KB

  • Sample

    221107-bpdfxsdear

  • MD5

    060bbbcd3963eb24d07ca1de2f85c670

  • SHA1

    c69df2e3b28fc02926c26e25ccef95c8543886db

  • SHA256

    8a47f22324c992de1a575a3380157a69784d20e438e98401d8d6728f4f2f06ae

  • SHA512

    a3419b46e63aabf730ee61a172e315608f6841caadf4a014c8a162676028cc424720033ddede6d040e5327d86d3d8c8ff5aa721297b54d404a38c1792b2dec8e

  • SSDEEP

    6144:MDRgvR2pZRhXQLOzSE8x2OZZGDvMOjWkfJBpybuqq0K5Mxn:MDRTXjXQ6zSE8xnavjKkfJ7yFq0K5yn

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks