Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

9da1a60c0e...a3.exe

windows7-x64

10

9da1a60c0e...a3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9da1a60c0e8cc6617bc6914fa90bf872d429f29737c6642dca93e89624d222a3

  • Size

    2.5MB

  • Sample

    221122-afx9asfg9y

  • MD5

    bf688793e16f1ea4b47485eb4e300732

  • SHA1

    49492aac20acd8aad8653fd51cf32db2d7ed793a

  • SHA256

    9da1a60c0e8cc6617bc6914fa90bf872d429f29737c6642dca93e89624d222a3

  • SHA512

    2faf5f62f5b37c4e297b0e0138827bb513498733e3ba1cab90c5314f370cd9f3871d3a75fc0ec420e46d2dd8f21a7f29c4c32771991e4e9d7b83a4863eafefc9

  • SSDEEP

    49152:FAkTgcnfxMgwMm+UQcBmQHVfgRzFqERllxEUutt8NblIcttRWay+lsIiG0Q5lzQp:CkIgwmUQUmc4ibtOxCct+EhiG0SlS

Score
10/10
persistence

Malware Config

Targets

    • Target

      9da1a60c0e8cc6617bc6914fa90bf872d429f29737c6642dca93e89624d222a3

    • Size

      2.5MB

    • MD5

      bf688793e16f1ea4b47485eb4e300732

    • SHA1

      49492aac20acd8aad8653fd51cf32db2d7ed793a

    • SHA256

      9da1a60c0e8cc6617bc6914fa90bf872d429f29737c6642dca93e89624d222a3

    • SHA512

      2faf5f62f5b37c4e297b0e0138827bb513498733e3ba1cab90c5314f370cd9f3871d3a75fc0ec420e46d2dd8f21a7f29c4c32771991e4e9d7b83a4863eafefc9

    • SSDEEP

      49152:FAkTgcnfxMgwMm+UQcBmQHVfgRzFqERllxEUutt8NblIcttRWay+lsIiG0Q5lzQp:CkIgwmUQUmc4ibtOxCct+EhiG0SlS

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks