General

  • Target

    98f21b558a9e4dbda5a479a28259e8842e9bce2e806e68736d2f47114721e92e

  • Size

    1.3MB

  • Sample

    221204-j9kpqsfe31

  • MD5

    e582f585925a0c0ece797528d8b33563

  • SHA1

    38d311dfe68ca22d313813068dbc6575b7acc37d

  • SHA256

    98f21b558a9e4dbda5a479a28259e8842e9bce2e806e68736d2f47114721e92e

  • SHA512

    d0242811d112886b9d3f4e4cdee6064b4e583d48b82e4e16b870629f739ebbe2cf8a720241e62c7407309897ef79f7f3f9cf3add95bdf536ef24ca0fb4dc8e1a

  • SSDEEP

    6144:JhPpcFVVvD+5FzFcxvqwXoW2z9hreaqFoS:TOCwXoWGjeJFoS

Score
10/10

Targets

    • Modifies firewall policy service

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
