General

  • Target

    69a0161cecc7b1a89d4877f96e997aaf8a11af72364be88c0692f0016e6b978d

  • Size

    8.8MB

  • Sample

    221206-qwpvvsfd5t

  • MD5

    2f735600ab65fb8930f8b7ad2a3f3f46

  • SHA1

    f6ba2e5ee13e3317acb2e4852a7972541913e152

  • SHA256

    69a0161cecc7b1a89d4877f96e997aaf8a11af72364be88c0692f0016e6b978d

  • SHA512

    ea6a356e79c147f2cd52f473eae77ec8c90f80d7fdf0820bd5686453b221d2a6650fe3e5b5fb14c9e0aebb3720c773904a56a3e98b4802f7f81675a6dcc354b7

  • SSDEEP

    196608:dZ5Y7eVwHUX5z87Psv7xXBeK3/R9ZCL3r8d4UKjgs6ZlutFjl8gz44QAJ:b5Y7eVwHUX5zAPuxXX/0brxUKjb6sttb

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Drops file in System32 directory
