General

  • Target: 91c857f60b65ddcf3925a87505917c1e48cb2ab8c54e855a22a40186226da9cc
  • Size: 66KB
  • Sample: 221203-v81kcaef9s
  • MD5: f35b337bf4ab8ad26f7d604c1e245ac1
  • SHA1: 8ccfc856c08e793dd246c04a1ad56a755cdb3f3c
  • SHA256: 91c857f60b65ddcf3925a87505917c1e48cb2ab8c54e855a22a40186226da9cc
  • SHA512: 4080baa290c199ad93bd225e4a4425fb834b6d3a3bc5b90910ceabefdf3ea67075bf2526c956f4f46eb8f54fbf1833e4f2f2c1eb98c84912e5918ce86101431f
  • SSDEEP: 1536:zl6Vzn+KzyMCo0UtGuG/h2elhSBBBBBBBBBBBBBBMKVBBBBBBBB+BBBBBBBBBBBM:0qKVCoHtGB/w9Sh9cTwry

Score: 10/10

Malware Config

Targets

    • Target: 91c857f60b65ddcf3925a87505917c1e48cb2ab8c54e855a22a40186226da9cc (hashes as listed under General)
    • Score: 10/10

    • Modifies firewall policy service
    • Executes dropped EXE
    • Checks computer location settings
      Looks up country code configured in the registry, likely geofence.
    • Loads dropped DLL
    • Adds Run key to start application
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks