General

  • Target

    5ecfa72f7d87ec8d07da4d2cc2f4c2fcf8f0a603d00f42ab2200298cddf9ffdc

  • Size

    88KB

  • Sample

    221201-3yjg3sdd82

  • MD5

    1179b76817a9f6f07639e0eb53902d60

  • SHA1

    e4d54969ca5375ff93cf5c149572ac251112fe2a

  • SHA256

    5ecfa72f7d87ec8d07da4d2cc2f4c2fcf8f0a603d00f42ab2200298cddf9ffdc

  • SHA512

    a3b69163af9ccc52b9c62f43c3b31af07ac917ab339d63091d8ff4b411e82dc4e4ea9d085a91e8d0c7b20b512df0d64b873517e355ffbe72ea722b41d8ed229e

  • SSDEEP

    1536:D1iFcUlKtAZGitxt2m2fif2By+cXKHsu/sEmoIN8jgj:8FJlKtAZGUtfyXBIXKEEmoIyjg

Score
10/10

Malware Config

Targets

    • Target

      5ecfa72f7d87ec8d07da4d2cc2f4c2fcf8f0a603d00f42ab2200298cddf9ffdc

    • Size

      88KB

    • MD5

      1179b76817a9f6f07639e0eb53902d60

    • SHA1

      e4d54969ca5375ff93cf5c149572ac251112fe2a

    • SHA256

      5ecfa72f7d87ec8d07da4d2cc2f4c2fcf8f0a603d00f42ab2200298cddf9ffdc

    • SHA512

      a3b69163af9ccc52b9c62f43c3b31af07ac917ab339d63091d8ff4b411e82dc4e4ea9d085a91e8d0c7b20b512df0d64b873517e355ffbe72ea722b41d8ed229e

    • SSDEEP

      1536:D1iFcUlKtAZGitxt2m2fif2By+cXKHsu/sEmoIN8jgj:8FJlKtAZGUtfyXBIXKEEmoIyjg

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Suspicious use of SetThreadContext
