Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

fb7d928e52...f1.exe

windows7-x64

8

fb7d928e52...f1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb7d928e52ab0175f51b32013d148e2c2d62cc6942081299bef63408fb8b3ef1

  • Size

    1.3MB

  • Sample

    221205-jqwmwsaa64

  • MD5

    70079993331d49d407de6fdf3c6c5279

  • SHA1

    167c201d77bf03e425868aa7031b74d90e5dbef3

  • SHA256

    fb7d928e52ab0175f51b32013d148e2c2d62cc6942081299bef63408fb8b3ef1

  • SHA512

    7c282a3fff7d12cbf0da9e59d942fa4a753b65f043abf370611e44c106608fd80366d87c4c64c5cb5721f3e3fddd43de0df57acc6187ea6acb22217537beb40a

  • SSDEEP

    24576:lX48QE+UDd6l+BwMSYapPSdBEiNRqheC1iXh5sfHiVHBJTNRj4MIo1dv:lXz+w6lMwMKSdBKeC1s5sSvTNRTP

Score
8/10
discovery

Malware Config

Targets

    • Target

      fb7d928e52ab0175f51b32013d148e2c2d62cc6942081299bef63408fb8b3ef1

    • Size

      1.3MB

    • MD5

      70079993331d49d407de6fdf3c6c5279

    • SHA1

      167c201d77bf03e425868aa7031b74d90e5dbef3

    • SHA256

      fb7d928e52ab0175f51b32013d148e2c2d62cc6942081299bef63408fb8b3ef1

    • SHA512

      7c282a3fff7d12cbf0da9e59d942fa4a753b65f043abf370611e44c106608fd80366d87c4c64c5cb5721f3e3fddd43de0df57acc6187ea6acb22217537beb40a

    • SSDEEP

      24576:lX48QE+UDd6l+BwMSYapPSdBEiNRqheC1iXh5sfHiVHBJTNRj4MIo1dv:lXz+w6lMwMKSdBKeC1s5sSvTNRTP

    Score
    8/10
    discovery

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks