Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

fef90a227d...ec.exe

windows7-x64

9

fef90a227d...ec.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fef90a227dc805fcc9ec97b93f2b895717fed9a9e42e5da7ee19508ed4a6c7ec

  • Size

    662KB

  • Sample

    221129-h77k2sbg6x

  • MD5

    907484988e9531f7cb82ef064aa04179

  • SHA1

    bd76cca5858b51550b632016a0481ae2efc86f65

  • SHA256

    fef90a227dc805fcc9ec97b93f2b895717fed9a9e42e5da7ee19508ed4a6c7ec

  • SHA512

    bf6bab4ba32e9d9c64585afcbd2ad578ebbc665d71f6f442f91d92f6049644610f75a164c905afe622bf9e93e0078a10cf51e6a9109e2b5607941aaa51324f0a

  • SSDEEP

    12288:fiPPUO8GsWlkaEEsev50ngJOEi6U/9lAArgD+VTtewSPQweKCDExR:6G47XvbEEKTteB4ECD4R

Score
9/10
persistence

Malware Config

Targets

    • Target

      fef90a227dc805fcc9ec97b93f2b895717fed9a9e42e5da7ee19508ed4a6c7ec

    • Size

      662KB

    • MD5

      907484988e9531f7cb82ef064aa04179

    • SHA1

      bd76cca5858b51550b632016a0481ae2efc86f65

    • SHA256

      fef90a227dc805fcc9ec97b93f2b895717fed9a9e42e5da7ee19508ed4a6c7ec

    • SHA512

      bf6bab4ba32e9d9c64585afcbd2ad578ebbc665d71f6f442f91d92f6049644610f75a164c905afe622bf9e93e0078a10cf51e6a9109e2b5607941aaa51324f0a

    • SSDEEP

      12288:fiPPUO8GsWlkaEEsev50ngJOEi6U/9lAArgD+VTtewSPQweKCDExR:6G47XvbEEKTteB4ECD4R

    Score
    9/10
    persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks