General

  • Target

    c02203437779a081a84da1dff52e2b0a2c4b161d37172afd9b97dc2bfcedbc3a

  • Size

    20KB

  • Sample

    221107-cn6azscfg4

  • MD5

    0eb476444927e26b1558507de48778a0

  • SHA1

    6a0a7c7a191ca784da5d9906bd4aa77c9dbd17ae

  • SHA256

    c02203437779a081a84da1dff52e2b0a2c4b161d37172afd9b97dc2bfcedbc3a

  • SHA512

    98f233021ff58fe36f4afca1be92fe34a39123f0b8b6dd7f1f289a41e1af95951d8a8501aed44a010b6d9d859b1ab0d744ae376addfa398500d3b07b6752ee9d

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBdq:1M3PnQoHDCpHf4I4Qwdc0G5KDJS

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
