General

  • Target

    48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c

  • Size

    628KB

  • Sample

    221129-glykksbe95

  • MD5

    08922375cc15814566a10af3e3ee0500

  • SHA1

    54c653d3ee88bbb0873db3a4c26490bdf9128706

  • SHA256

    48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c

  • SHA512

    1f2eb6d7d09489cc5f5cc469841806238406f37dc87b1be70820478d566224374592682f208a6667e306b7a3ca03a7f769f95f9fe44ab36087c76fb84d3f554c

  • SSDEEP

    12288:ON+LbOurqW8AuLexBtRDgNCrrxHeGCcD:NOurqW8AuL8fD4CrrsGCcD
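
Before acting on this verdict, confirm that the file in hand is the same object the sandbox analysed. The following is an added example (not tria.ge's own code) that recomputes the four digests listed above and reports which ones disagree; the expected values are taken from this report's General section, and the sample file path is a placeholder.

```python
import hashlib
import sys

# Digests for the analysed sample, copied from this report's General section.
REPORT_HASHES = {
    "md5": "08922375cc15814566a10af3e3ee0500",
    "sha1": "54c653d3ee88bbb0873db3a4c26490bdf9128706",
    "sha256": "48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c",
    "sha512": "1f2eb6d7d09489cc5f5cc469841806238406f37dc87b1be70820478d566224374592682f208a6667e306b7a3ca03a7f769f95f9fe44ab36087c76fb84d3f554c",
}


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex, over an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str) -> dict:
    """Same digests as hash_bytes, but streamed from disk so a large sample need not fit in memory."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_sample(digests: dict, expected: dict = REPORT_HASHES) -> list:
    """Return the algorithm names whose digest disagrees with the report.

    Comparison is case-insensitive. An empty list means every listed digest
    matches, i.e. the file is the object this report describes. A missing
    algorithm counts as a mismatch rather than being silently skipped.
    """
    return [
        name
        for name, want in expected.items()
        if digests.get(name, "").lower() != want.lower()
    ]


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>  (path is a placeholder here)
    path = sys.argv[1] if len(sys.argv) > 1 else "sample.bin"
    mismatches = verify_sample(hash_file(path))
    if mismatches:
        print(f"{path}: NOT the reported sample (mismatch on {', '.join(mismatches)})")
        sys.exit(1)
    print(f"{path}: matches report on all {len(REPORT_HASHES)} digests")
```

A mismatch on any one algorithm is enough to reject the file: the digests are independent, so a partial match (say, a colliding MD5 with a differing SHA-256) indicates tampering or a different build, not a benign discrepancy.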

Score
8/10

Malware Config

Targets

    • Target

      48fd638afdd90873af1e76b1bb8795f633dc684862c453a74a55056734f43e0c

    Score
    8/10
    • Executes dropped EXE

      Runs an executable that the sample itself wrote to disk.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution to or away from particular regions.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk.

    • Adds Run key to start application

      Registers itself under a registry Run key so it is launched again at logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

      Rewriting another thread's context is the step that redirects execution in process hollowing and similar injection techniques; treat it as a likely injection indicator.

MITRE ATT&CK Enterprise v6

Tasks