Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

3b7c6af43d...5d.exe

windows7-x64

8

3b7c6af43d...5d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b7c6af43db0fde3efd39385f5fbdce9a04d436ace691d9fd3d2bbf9d49ac25d

  • Size

    960KB

  • Sample

    221206-qmnlfabg95

  • MD5

    b327d3bdcea573133bfb57525b376d89

  • SHA1

    995708aad2b70047a3bbce5d8715a6bb2d93ea10

  • SHA256

    3b7c6af43db0fde3efd39385f5fbdce9a04d436ace691d9fd3d2bbf9d49ac25d

  • SHA512

    764547d5081a20889c4cb06abc59511f03aeda8871308cb3624a92230934c563de6439cff381f8398763b7a60f9110e88fb752d086c0faa6bc5a4c57fe1662a7

  • SSDEEP

    24576:mthEVaPqLNHfB/G0gRDmAXEcRPNZtjQXS1HxZpYNhtqJKaJK:uEVUcNHfB/x3AXESdHb4hIHw

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      3b7c6af43db0fde3efd39385f5fbdce9a04d436ace691d9fd3d2bbf9d49ac25d

    • Size

      960KB

    • MD5

      b327d3bdcea573133bfb57525b376d89

    • SHA1

      995708aad2b70047a3bbce5d8715a6bb2d93ea10

    • SHA256

      3b7c6af43db0fde3efd39385f5fbdce9a04d436ace691d9fd3d2bbf9d49ac25d

    • SHA512

      764547d5081a20889c4cb06abc59511f03aeda8871308cb3624a92230934c563de6439cff381f8398763b7a60f9110e88fb752d086c0faa6bc5a4c57fe1662a7

    • SSDEEP

      24576:mthEVaPqLNHfB/G0gRDmAXEcRPNZtjQXS1HxZpYNhtqJKaJK:uEVUcNHfB/x3AXESdHb4hIHw

    Score
    8/10
    evasionupx

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks