Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

c1c9cbfea0...2e.exe

windows7-x64

8

c1c9cbfea0...2e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c1c9cbfea0423118c876a59d4f6368449af98c520bbfa86c45b2d381db58542e

  • Size

    395KB

  • Sample

    221127-qa7hsade91

  • MD5

    64ae49b76e77e91648702ec307366574

  • SHA1

    c3caacaa85a4e1264055b7b58e51942035c1b63d

  • SHA256

    c1c9cbfea0423118c876a59d4f6368449af98c520bbfa86c45b2d381db58542e

  • SHA512

    7d72c6ebe3899b25ab4da8b48799ff8fb6d9061b758064ea6179973153d9c759fc35808901a23c8d05e102ec0e903c34f5339737ee9e75587ee50694c019f39b

  • SSDEEP

    3072:uI3YNRJObPbVvz6LCntoiZQQFKAYiVWMHbzJLTpOegl9DywuINy6TKzm9E2Gktg1:5aRJObALCntHQQ0D2uFOfL36

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      c1c9cbfea0423118c876a59d4f6368449af98c520bbfa86c45b2d381db58542e

    • Size

      395KB

    • MD5

      64ae49b76e77e91648702ec307366574

    • SHA1

      c3caacaa85a4e1264055b7b58e51942035c1b63d

    • SHA256

      c1c9cbfea0423118c876a59d4f6368449af98c520bbfa86c45b2d381db58542e

    • SHA512

      7d72c6ebe3899b25ab4da8b48799ff8fb6d9061b758064ea6179973153d9c759fc35808901a23c8d05e102ec0e903c34f5339737ee9e75587ee50694c019f39b

    • SSDEEP

      3072:uI3YNRJObPbVvz6LCntoiZQQFKAYiVWMHbzJLTpOegl9DywuINy6TKzm9E2Gktg1:5aRJObALCntHQQ0D2uFOfL36

    Score
    8/10
    evasionpersistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks