Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6852d87bab...27.exe

windows7-x64

8

6852d87bab...27.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6852d87bab89558e673fbf69265db81fc2917e6de647c466c2135a04362bfb27

  • Size

    20KB

  • Sample

    221107-cpgn1sfafk

  • MD5

    15a07b5cf414586ecee046a8894540a0

  • SHA1

    5b3cf96dac2178d333ad8ff0482119ffd6e970a6

  • SHA256

    6852d87bab89558e673fbf69265db81fc2917e6de647c466c2135a04362bfb27

  • SHA512

    22ed644161c2f6a17fa51caf2dc91f8e16a2d6dd8c68284756fe6de6d04dc1c3f6f9cc782043e06bec60835e62e0aa05ad781a445ed130496a3fb31a51908bcb

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBi8Eq/7d:1M3PnQoHDCpHf4I4Qwdc0G5KDJvE2h

Score
8/10

Malware Config

Targets

    • Target

      6852d87bab89558e673fbf69265db81fc2917e6de647c466c2135a04362bfb27

    • Size

      20KB

    • MD5

      15a07b5cf414586ecee046a8894540a0

    • SHA1

      5b3cf96dac2178d333ad8ff0482119ffd6e970a6

    • SHA256

      6852d87bab89558e673fbf69265db81fc2917e6de647c466c2135a04362bfb27

    • SHA512

      22ed644161c2f6a17fa51caf2dc91f8e16a2d6dd8c68284756fe6de6d04dc1c3f6f9cc782043e06bec60835e62e0aa05ad781a445ed130496a3fb31a51908bcb

    • SSDEEP

      192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBi8Eq/7d:1M3PnQoHDCpHf4I4Qwdc0G5KDJvE2h

    Score
    8/10

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks