Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

fae216618b...b2.exe

windows7-x64

10

fae216618b...b2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fae216618b89fd42fade08554294d593f2fe3864ad5751129e9d412855e73bb2

  • Size

    224KB

  • Sample

    221202-asgr3sae7s

  • MD5

    390882aa077d10e80d8f0778f6d727a4

  • SHA1

    79b13e9bcbe12eb950cfbac6f4c1dd12287d613c

  • SHA256

    fae216618b89fd42fade08554294d593f2fe3864ad5751129e9d412855e73bb2

  • SHA512

    eebe70f0949daa9d0f2fd36b44a2455cfc30f4d7298075824b44b4f14419e76396737e44941067600211d210ffb2c2972799059d5830bb2f82eb5c95492be51a

  • SSDEEP

    3072:V3QcvzVYRMCKfvhd+V4SHsd8HYXfg23Qbb6oKWI8k3u5AHP:Vg1NKn+GKs5Xfmb6NWI8ke5cP

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      fae216618b89fd42fade08554294d593f2fe3864ad5751129e9d412855e73bb2

    • Size

      224KB

    • MD5

      390882aa077d10e80d8f0778f6d727a4

    • SHA1

      79b13e9bcbe12eb950cfbac6f4c1dd12287d613c

    • SHA256

      fae216618b89fd42fade08554294d593f2fe3864ad5751129e9d412855e73bb2

    • SHA512

      eebe70f0949daa9d0f2fd36b44a2455cfc30f4d7298075824b44b4f14419e76396737e44941067600211d210ffb2c2972799059d5830bb2f82eb5c95492be51a

    • SSDEEP

      3072:V3QcvzVYRMCKfvhd+V4SHsd8HYXfg23Qbb6oKWI8k3u5AHP:Vg1NKn+GKs5Xfmb6NWI8ke5cP

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks