Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e1a2f51dadfee7a296d8c0fa2941c58313724d5158a483756d9814a028ba8924

  • Size

    305KB

  • Sample

    221125-tctlgscg4s

  • MD5

    a750e2f4ae05402949bb137a265fb170

  • SHA1

    cbcffb2851eff56376d4b57dd9ae6e2608625d88

  • SHA256

    e1a2f51dadfee7a296d8c0fa2941c58313724d5158a483756d9814a028ba8924

  • SHA512

    601933eeb8c5163cf198f9019a8f9459b4f1b79082bc50fada5e5f2e8aab2952fbc5f1fb55950a2cd1129e04294293348601a9d3c5e0317d356dd162562f3364

  • SSDEEP

    6144:MAfMSIUI4fyB6szPXz4lk1ZIR7KySE76cseR0:MmMSIifyRPXclk1ZgKEGcseR0

Score
8/10

Malware Config

Targets

    • Target

      e1a2f51dadfee7a296d8c0fa2941c58313724d5158a483756d9814a028ba8924

    • Size

      305KB

    • MD5

      a750e2f4ae05402949bb137a265fb170

    • SHA1

      cbcffb2851eff56376d4b57dd9ae6e2608625d88

    • SHA256

      e1a2f51dadfee7a296d8c0fa2941c58313724d5158a483756d9814a028ba8924

    • SHA512

      601933eeb8c5163cf198f9019a8f9459b4f1b79082bc50fada5e5f2e8aab2952fbc5f1fb55950a2cd1129e04294293348601a9d3c5e0317d356dd162562f3364

    • SSDEEP

      6144:MAfMSIUI4fyB6szPXz4lk1ZIR7KySE76cseR0:MmMSIifyRPXclk1ZgKEGcseR0

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks