Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

95bd4beb4d...80.exe

windows7-x64

8

95bd4beb4d...80.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    95bd4beb4d058b5baf774157ccd61d5e2dc82ecbfb5284afb398278a8a7d8680

  • Size

    260KB

  • Sample

    221201-bbqt4aaf65

  • MD5

    48d3f9e31d52781d4468f651eef98e43

  • SHA1

    d5907d581139af9b9b7e022a5927612e1fe7c6ed

  • SHA256

    95bd4beb4d058b5baf774157ccd61d5e2dc82ecbfb5284afb398278a8a7d8680

  • SHA512

    1dc6ec68a2b466139184b853f57ad1b6f7eed0cfd713b008237d076445afcafbea0e656e97c695665965597340c6934d80386a413ef5bec3229221a346bcd0c7

  • SSDEEP

    6144:c58EwEH8Iq1DFMBgsNv16xA99oJdId8R1tU:c58kH811DiB72Ws6d

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      95bd4beb4d058b5baf774157ccd61d5e2dc82ecbfb5284afb398278a8a7d8680

    • Size

      260KB

    • MD5

      48d3f9e31d52781d4468f651eef98e43

    • SHA1

      d5907d581139af9b9b7e022a5927612e1fe7c6ed

    • SHA256

      95bd4beb4d058b5baf774157ccd61d5e2dc82ecbfb5284afb398278a8a7d8680

    • SHA512

      1dc6ec68a2b466139184b853f57ad1b6f7eed0cfd713b008237d076445afcafbea0e656e97c695665965597340c6934d80386a413ef5bec3229221a346bcd0c7

    • SSDEEP

      6144:c58EwEH8Iq1DFMBgsNv16xA99oJdId8R1tU:c58kH811DiB72Ws6d

    Score
    8/10
    persistenceupx

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks