
General

  • Target: e9812394ecda56e1386a1f8e5cb379dd5acb32f93bde0ff50580cd9519aeeb95
  • Size: 500KB
  • Sample: 221204-p3cy7saf75
  • MD5: 93e07be20f0ac1f7bbcd2d99e0201935
  • SHA1: 3d91bd7037625dd256ee02fbe84bcce6bc72109b
  • SHA256: e9812394ecda56e1386a1f8e5cb379dd5acb32f93bde0ff50580cd9519aeeb95
  • SHA512: 87d0ee1433ceceb5de9542efd94952c8ad7cf293cccfefe12e0daaabe23fd8da0e3f119ccdb80631427241c2ff891f3a3bee10205c79c748aa5f84651395516c
  • SSDEEP: 12288:LqtaNB39/RYe+yuy7xZh0Dw0uNRCIxVF6:Lqtm/DTO00uNAIx

Score: 10/10

Malware Config

Targets

    • Target: e9812394ecda56e1386a1f8e5cb379dd5acb32f93bde0ff50580cd9519aeeb95 (500KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)

    Score: 10/10

    • Modifies firewall policy service
    • Executes dropped EXE
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
    • Loads dropped DLL
    • Adds Run key to start application
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks