General

  • Target

    bddcb8c3df1a05d71e07f853c895cc70cc8a9e288e5f0c3b20a0894671b54794

  • Size

    559KB

  • Sample

    221203-21syvshb7y

  • MD5

    90ebcc3bbd9cd91908b8d4a826c2f374

  • SHA1

    371f0f5e366d8777f643d867af95503692fa5f2f

  • SHA256

    bddcb8c3df1a05d71e07f853c895cc70cc8a9e288e5f0c3b20a0894671b54794

  • SHA512

    3d09427fa4f48a62bdf37125e7a8fde9eda9f9106f01e1eed82e33589cd417a480bb8a1d8e7afb47d9b20552d9a17d43d9f56550aa011f2591bb04c68bc1e8fd

  • SSDEEP

    12288:R9yMyjbUt2FhWWogPs+cmtYeiDZqYJwAkkYxZDBBPjYRVviCPv:KMb2F/E+cvSkaNBPjYRVaCPv

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
