Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

57bdf55ccf...7a.exe

windows7-x64

8

57bdf55ccf...7a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    57bdf55ccf70525364a33e49f08416b19574ac5b79912058fa8eab4ee7f74e7a

  • Size

    48KB

  • Sample

    221127-15419agd5s

  • MD5

    5e40287b405db22720f27ac2e755f62c

  • SHA1

    0fbb9e771cf105d511203a1eb7298889c187886b

  • SHA256

    57bdf55ccf70525364a33e49f08416b19574ac5b79912058fa8eab4ee7f74e7a

  • SHA512

    3655ca361f2481b6012685b27ca4146c8f6f3eb119976fb43ccff0f1fb1d69b7525617cf5924cb52f359d43e9527828071a8a4e75781efb533b9d9c937980bc1

  • SSDEEP

    768:h6Hde8l56HC4kr5Jp9jdQJT/W4fc+FMANK076/VEXLn2I186C:Udj8HzIJ7wT/WicbANK0O/uPW

Score
10/10
runningratpersistence

Malware Config

Targets

    • Target

      57bdf55ccf70525364a33e49f08416b19574ac5b79912058fa8eab4ee7f74e7a

    • Size

      48KB

    • MD5

      5e40287b405db22720f27ac2e755f62c

    • SHA1

      0fbb9e771cf105d511203a1eb7298889c187886b

    • SHA256

      57bdf55ccf70525364a33e49f08416b19574ac5b79912058fa8eab4ee7f74e7a

    • SHA512

      3655ca361f2481b6012685b27ca4146c8f6f3eb119976fb43ccff0f1fb1d69b7525617cf5924cb52f359d43e9527828071a8a4e75781efb533b9d9c937980bc1

    • SSDEEP

      768:h6Hde8l56HC4kr5Jp9jdQJT/W4fc+FMANK076/VEXLn2I186C:Udj8HzIJ7wT/WicbANK0O/uPW

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Sets DLL path for service in the registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Creates a Windows Service

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks