Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

af6d25c4c5...7b.exe

windows7-x64

8

af6d25c4c5...7b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    af6d25c4c5a6c455ab1a4075faa792ce0a826e5e9268053d6e76256c08cc217b

  • Size

    300KB

  • Sample

    221204-dcxp5see61

  • MD5

    95a952d907ca9cbc38e437379b7d3285

  • SHA1

    7380fcef52de33f15e9d9cba64568a9d6c371bae

  • SHA256

    af6d25c4c5a6c455ab1a4075faa792ce0a826e5e9268053d6e76256c08cc217b

  • SHA512

    3fa11e9c6d941bd768f47f47cbfa9b5e83794d897ca05d958b4916d53adf1183bd1d92b3cffc331bf4cbe96e47705f891b3bc086de8d41c499bc83ab70f7b910

  • SSDEEP

    6144:yFnIej3A6VDkVhzK87Znl2OSs3ntsDzy1yOFmwWXE7MG71P9:yyej3JDkfZoOSFzVQmLE7MQ1l

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      af6d25c4c5a6c455ab1a4075faa792ce0a826e5e9268053d6e76256c08cc217b

    • Size

      300KB

    • MD5

      95a952d907ca9cbc38e437379b7d3285

    • SHA1

      7380fcef52de33f15e9d9cba64568a9d6c371bae

    • SHA256

      af6d25c4c5a6c455ab1a4075faa792ce0a826e5e9268053d6e76256c08cc217b

    • SHA512

      3fa11e9c6d941bd768f47f47cbfa9b5e83794d897ca05d958b4916d53adf1183bd1d92b3cffc331bf4cbe96e47705f891b3bc086de8d41c499bc83ab70f7b910

    • SSDEEP

      6144:yFnIej3A6VDkVhzK87Znl2OSs3ntsDzy1yOFmwWXE7MG71P9:yyej3JDkfZoOSFzVQmLE7MQ1l

    Score
    8/10
    evasionpersistenceupx

    • Creates new service(s)

      persistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks