General

  • Target

    5fc5c71df2d5ca00bfb0732351a8aac2c7b3e32c6f871c7ebe781b77e226717b

  • Size

    512KB

  • Sample

    221121-slwlrsae2x

  • MD5

    22bdc1774f32565d23c36e3d118097dc

  • SHA1

    8e212378366104fc9bae24fcffd9f97a88227c63

  • SHA256

    5fc5c71df2d5ca00bfb0732351a8aac2c7b3e32c6f871c7ebe781b77e226717b

  • SHA512

    c97c2ec052d99266ef8582400ab0dfa832882592b0a38441bafc452bdc0dad5a84d207a3e6a846f192e88164766f98498947335c83787fd17d4f15897dd8fb58

  • SSDEEP

    12288:b1dlZo5yUkDRZKlxJ9eCn9BoF/HtMB56R+nh6TnACZC5I+:b1dlZo5EDoxf6pHSb63UI0I+

Score
8/10

Targets

    • Target

      5fc5c71df2d5ca00bfb0732351a8aac2c7b3e32c6f871c7ebe781b77e226717b

    Score
    8/10

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
