Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

b26efaf760...c7.exe

windows7-x64

8

b26efaf760...c7.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b26efaf760bce49571ac68ca8a086e56cf411a0098ab6fd92dc76427ed1638c7

  • Size

    3.7MB

  • Sample

    221127-wz4fbach8v

  • MD5

    59f973362a017d73908f1b5e644b3e92

  • SHA1

    7587ec3ccb0f63f2d454d39f96a9888d6b29e3fe

  • SHA256

    b26efaf760bce49571ac68ca8a086e56cf411a0098ab6fd92dc76427ed1638c7

  • SHA512

    9e58ad431d75f1586f43a1c31f95ddef22c68cdf6f83e41af146ab8c562e41488558f463a24d65c627ab16180add38137ca68e48620b7592b7dd621760c36765

  • SSDEEP

    49152:GKONXlQJ6NB9gA+FnLl3CeMwFZ0+TmM3HuETOsmVF8I8fD9vxBtCKd9EZ:oNJH+xLtCGtirsmb8vRZBLYZ

Score
8/10
persistence

Malware Config

Targets

    • Target

      b26efaf760bce49571ac68ca8a086e56cf411a0098ab6fd92dc76427ed1638c7

    • Size

      3.7MB

    • MD5

      59f973362a017d73908f1b5e644b3e92

    • SHA1

      7587ec3ccb0f63f2d454d39f96a9888d6b29e3fe

    • SHA256

      b26efaf760bce49571ac68ca8a086e56cf411a0098ab6fd92dc76427ed1638c7

    • SHA512

      9e58ad431d75f1586f43a1c31f95ddef22c68cdf6f83e41af146ab8c562e41488558f463a24d65c627ab16180add38137ca68e48620b7592b7dd621760c36765

    • SSDEEP

      49152:GKONXlQJ6NB9gA+FnLl3CeMwFZ0+TmM3HuETOsmVF8I8fD9vxBtCKd9EZ:oNJH+xLtCGtirsmb8vRZBLYZ

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks