General

  • Target

    96f711da81e3dfa05defcc7806849663907dc1fe978b5215af6fdd79d22512bc

  • Size

    497KB

  • Sample

    221202-bxv1yaaf36

  • MD5

    b8cc28af488668c1937b3624ff63e3d5

  • SHA1

    87bbe47cad21b48c8eebdac3d5f6ebfb295b6736

  • SHA256

    96f711da81e3dfa05defcc7806849663907dc1fe978b5215af6fdd79d22512bc

  • SHA512

    8d6f5a75f971fd1182d58f7c8c6cd7ccce2eec741af3f75b15d5eae2e51821d0a35b7c9a9e483d561919501f42fa48b388748e7ce81c7354a22db936768b2799

  • SSDEEP

    12288:WEA5KSbBhHZ1mhX/piQR9QTuB33vVQEKoJvZWK:WEAXbBh5KYQQceZoJvl

Score
10/10

Targets

    • Target

      96f711da81e3dfa05defcc7806849663907dc1fe978b5215af6fdd79d22512bc

    Score
    10/10
    • Modifies firewall policy service

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
