Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

bdcedbdf02...88.exe

windows7-x64

10

bdcedbdf02...88.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

  • Size

    749KB

  • Sample

    221203-yvvzgsfc2y

  • MD5

    829698894b4a13b4a683f97301b0f682

  • SHA1

    353513afd1d98071ebe6090cb4b793e30422a2c3

  • SHA256

    bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

  • SHA512

    8500418d814d1cc145492c73a82b3a247f83fb6a89a3c6506fe925107795c1060038636e58b55e47f196ae1e07b851e4f99cb5a733bfdbe4d574b31a323aea5b

  • SSDEEP

    12288:g72bntEL772bntELDRFj47+572bntEL772bntELDRFj47+HDn0:g72ze72z2Ky72ze72z2K80

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

    • Size

      749KB

    • MD5

      829698894b4a13b4a683f97301b0f682

    • SHA1

      353513afd1d98071ebe6090cb4b793e30422a2c3

    • SHA256

      bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

    • SHA512

      8500418d814d1cc145492c73a82b3a247f83fb6a89a3c6506fe925107795c1060038636e58b55e47f196ae1e07b851e4f99cb5a733bfdbe4d574b31a323aea5b

    • SSDEEP

      12288:g72bntEL772bntELDRFj47+572bntEL772bntELDRFj47+HDn0:g72ze72z2Ky72ze72z2K80

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks