Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

fc1e5d7b2b...a9.exe

windows7-x64

8

fc1e5d7b2b...a9.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc1e5d7b2b7da103fb4f3abb015908ac54e6d74f66fd5cfe1c929af0d15078a9

  • Size

    440KB

  • Sample

    221204-lyeepacf3t

  • MD5

    03eb76f40d34072a0cd486b35faf2342

  • SHA1

    8572eab9fe72714cc85bc92fac2f1df0beae1fd7

  • SHA256

    fc1e5d7b2b7da103fb4f3abb015908ac54e6d74f66fd5cfe1c929af0d15078a9

  • SHA512

    cd2eae7c1893ec1c39f4fc26d297a7159f3b589441635872e4ab53c079ea374db19cfcf3e4c98adfd43a82c261603d3b1e6488d03f1d036fbb091ce1fd77cb37

  • SSDEEP

    6144:MVVlKTJpyILY44CG0dKItpCyYYzG/xc6YvwpJUgxK5VVP08Czu1rUM8i31h+42vH:clKTJptdhNI2308Uu1B1hgv5kps1

Score
8/10
persistence

Malware Config

Targets

    • Target

      fc1e5d7b2b7da103fb4f3abb015908ac54e6d74f66fd5cfe1c929af0d15078a9

    • Size

      440KB

    • MD5

      03eb76f40d34072a0cd486b35faf2342

    • SHA1

      8572eab9fe72714cc85bc92fac2f1df0beae1fd7

    • SHA256

      fc1e5d7b2b7da103fb4f3abb015908ac54e6d74f66fd5cfe1c929af0d15078a9

    • SHA512

      cd2eae7c1893ec1c39f4fc26d297a7159f3b589441635872e4ab53c079ea374db19cfcf3e4c98adfd43a82c261603d3b1e6488d03f1d036fbb091ce1fd77cb37

    • SSDEEP

      6144:MVVlKTJpyILY44CG0dKItpCyYYzG/xc6YvwpJUgxK5VVP08Czu1rUM8i31h+42vH:clKTJptdhNI2308Uu1B1hgv5kps1

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks