Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

f1da1ee273...78.exe

windows7-x64

8

f1da1ee273...78.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f1da1ee273abd9eec295f5792df13075a10a36fe97391446ff1ac28f9cd2e878

  • Size

    31KB

  • Sample

    221206-x8t4nsfg78

  • MD5

    8d034cc389be6fb5d245e6b51f433924

  • SHA1

    d20f6c08fa3132ad924dcf911cb5262129e2a995

  • SHA256

    f1da1ee273abd9eec295f5792df13075a10a36fe97391446ff1ac28f9cd2e878

  • SHA512

    8f3c7b0d0b7fc9f3e2ef1bef6d1734c768d14131f7b35be7ea10d835f6886adbaad5771a8a25e0532781b39c3de51edbede6fe607357496f5fad1b7035e6f5e6

  • SSDEEP

    768:6Kzy3t49hU9zy5HILSvnxJAMgHSPtmg8E/WSwVy:6IyuU9zy5IL6ugyB

Score
8/10
persistence

Malware Config

Targets

    • Target

      f1da1ee273abd9eec295f5792df13075a10a36fe97391446ff1ac28f9cd2e878

    • Size

      31KB

    • MD5

      8d034cc389be6fb5d245e6b51f433924

    • SHA1

      d20f6c08fa3132ad924dcf911cb5262129e2a995

    • SHA256

      f1da1ee273abd9eec295f5792df13075a10a36fe97391446ff1ac28f9cd2e878

    • SHA512

      8f3c7b0d0b7fc9f3e2ef1bef6d1734c768d14131f7b35be7ea10d835f6886adbaad5771a8a25e0532781b39c3de51edbede6fe607357496f5fad1b7035e6f5e6

    • SSDEEP

      768:6Kzy3t49hU9zy5HILSvnxJAMgHSPtmg8E/WSwVy:6IyuU9zy5IL6ugyB

    Score
    8/10
    persistence

    • Sets DLL path for service in the registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks