General

  • Target

    a2f32afbaa3308a5e0bc6746296f3e00f823a9cabcf3111a444607f0b7be857d

  • Size

    212KB

  • Sample

    221202-at7d5aag2w

  • MD5

    5ebe843004ead2b883200327965e11fc

  • SHA1

    b1b686e6c000fdcd0153cd382b11428b87fa0852

  • SHA256

    a2f32afbaa3308a5e0bc6746296f3e00f823a9cabcf3111a444607f0b7be857d

  • SHA512

    43cc72dfbb222e46a45c7d97a99de7b5702a361ddd6914302c7a6ebadc49939e6556b1599b248002ac66bfd1c3ec18a6f40ff65e2b2f8ce26f1f79009c39faf0

  • SSDEEP

    6144:KfSElX8vmHdE/4Ceeqqlq3avKXGAzzazhACuzz+cp03:MSIE/4C/qqtKXGAzzazhACuzz+cp03

Score
10/10

Targets

    • Target

      a2f32afbaa3308a5e0bc6746296f3e00f823a9cabcf3111a444607f0b7be857d

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
