Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

e681a43247...03.exe

windows7-x64

8

e681a43247...03.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e681a43247029144495d250e65a4fdc9fd037d6730db0d3af0ac3f19efc46803

  • Size

    54KB

  • Sample

    221204-c6jvpsdh7y

  • MD5

    2a3fb18c680d1db507969f93ad76b726

  • SHA1

    9a60bb7131f93e94274ffbfb722f4b53b906d6b1

  • SHA256

    e681a43247029144495d250e65a4fdc9fd037d6730db0d3af0ac3f19efc46803

  • SHA512

    d59c90e640e45e326096581b935a018f2f007607ac1c27471c723c39cbf7c314e11442c7cba34bf3635dcb6c8a8d8d6a76e5b5a68c5670e5104b1960f38bf344

  • SSDEEP

    768:6rpGUKbGPJfS/A+0jmlZ8veI+2qYg7ZffFLCNnbcuyD7U7R:6Hq/ADjmlZ8GITMdL2nouy87R

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      e681a43247029144495d250e65a4fdc9fd037d6730db0d3af0ac3f19efc46803

    • Size

      54KB

    • MD5

      2a3fb18c680d1db507969f93ad76b726

    • SHA1

      9a60bb7131f93e94274ffbfb722f4b53b906d6b1

    • SHA256

      e681a43247029144495d250e65a4fdc9fd037d6730db0d3af0ac3f19efc46803

    • SHA512

      d59c90e640e45e326096581b935a018f2f007607ac1c27471c723c39cbf7c314e11442c7cba34bf3635dcb6c8a8d8d6a76e5b5a68c5670e5104b1960f38bf344

    • SSDEEP

      768:6rpGUKbGPJfS/A+0jmlZ8veI+2qYg7ZffFLCNnbcuyD7U7R:6Hq/ADjmlZ8GITMdL2nouy87R

    Score
    8/10
    evasionpersistence

    • Executes dropped EXE

    • Stops running service(s)

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks