Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

15691e6507...a9.exe

windows7-x64

8

15691e6507...a9.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15691e650781c89e7d1403efb624211918fc357e541870bf84d10358b0e8a3a9

  • Size

    94KB

  • Sample

    221201-gmwglsaf24

  • MD5

    060819024e6b559470998f581a905fb0

  • SHA1

    05920c474d50496992e6a569f8152b89c0f6128b

  • SHA256

    15691e650781c89e7d1403efb624211918fc357e541870bf84d10358b0e8a3a9

  • SHA512

    b0d5b674114cfe384fdc9aeff0b80d002b1e0e542d6b4f291d180dd4156b9ca82964a61f357cb045286ad264d6f49971a4a2cc94b863d892659a68b4e33e1672

  • SSDEEP

    1536:I7RjK0/ufAJeZvXA+0YGSKa0ANGgsI+z0/t7gskAPlwK3iwjvUOHfF3VGLkc:I79u48vXA+GgnSItTkUwaiwjvbHdlRc

Score
8/10

Malware Config

Targets

    • Target

      15691e650781c89e7d1403efb624211918fc357e541870bf84d10358b0e8a3a9

    • Size

      94KB

    • MD5

      060819024e6b559470998f581a905fb0

    • SHA1

      05920c474d50496992e6a569f8152b89c0f6128b

    • SHA256

      15691e650781c89e7d1403efb624211918fc357e541870bf84d10358b0e8a3a9

    • SHA512

      b0d5b674114cfe384fdc9aeff0b80d002b1e0e542d6b4f291d180dd4156b9ca82964a61f357cb045286ad264d6f49971a4a2cc94b863d892659a68b4e33e1672

    • SSDEEP

      1536:I7RjK0/ufAJeZvXA+0YGSKa0ANGgsI+z0/t7gskAPlwK3iwjvUOHfF3VGLkc:I79u48vXA+GgnSItTkUwaiwjvbHdlRc

    Score
    8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks