Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

ccf859d71b...da.exe

windows7-x64

8

ccf859d71b...da.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ccf859d71b2177782404578f3d19dc75132c6c0534e2ec2cac9353e51752acda

  • Size

    365KB

  • Sample

    221201-q5wprsdg58

  • MD5

    56d60722af183b394ddb2760e261909e

  • SHA1

    e87182c5b3a6b772a26d601aef6366182c560915

  • SHA256

    ccf859d71b2177782404578f3d19dc75132c6c0534e2ec2cac9353e51752acda

  • SHA512

    ed852a3cb6bb720882c4b34e5b2117e59c8c64c0e83ec0441cd90ce394061b90f8b35210d31abc72094c79a039bb97ff52f82cf9276e8ea5c766e91f9efb7862

  • SSDEEP

    6144:pTfFDbRnOTr085p8mkJeapssUZn7kyPTd4lnqukJja9zTK:v5Oc85prapshZn7/B5cG

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ccf859d71b2177782404578f3d19dc75132c6c0534e2ec2cac9353e51752acda

    • Size

      365KB

    • MD5

      56d60722af183b394ddb2760e261909e

    • SHA1

      e87182c5b3a6b772a26d601aef6366182c560915

    • SHA256

      ccf859d71b2177782404578f3d19dc75132c6c0534e2ec2cac9353e51752acda

    • SHA512

      ed852a3cb6bb720882c4b34e5b2117e59c8c64c0e83ec0441cd90ce394061b90f8b35210d31abc72094c79a039bb97ff52f82cf9276e8ea5c766e91f9efb7862

    • SSDEEP

      6144:pTfFDbRnOTr085p8mkJeapssUZn7kyPTd4lnqukJja9zTK:v5Oc85prapshZn7/B5cG

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks