General

  • Target: 2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
  • Size: 73KB
  • Sample: 221201-f6wfaahb43
  • MD5: f8b6ce4dc6e3a0a0230c9906cc57cc5f
  • SHA1: 071e5e9063b5dff5433677c46c794626fe6fbcc2
  • SHA256: 2817d65c0ab640b500137372966ed9dcf8506b9a2415742c7c1824d4edb6e323
  • SHA512: 4f7e16cd1d487eedb40fc5b4e9b9b358bb6d52fa830d75616e6ba3a0a77642a8b6634d74ecdfba918d7af044ac6279e9709ab6d6d4136a501698db5347c84047
  • SSDEEP: 1536:XZqCO2BfXgTjwwy4rsp8JzEi5o0FfmGsG7rW/raJ90Qg8bd:XU2NgVnEQomlrW/cPgcd

Score: 10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
