Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3923e385c0...f1.exe

windows7-x64

8

3923e385c0...f1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3923e385c04474b95c043dccf366318f837bb331cab5ddbf3e79b3cf68fe61f1

  • Size

    51KB

  • Sample

    221206-y8vwmsdf3y

  • MD5

    90ca9ef857133b48966dd0bf39fdca1c

  • SHA1

    47f948dfdd4b12605a7b658d461419b4d1807446

  • SHA256

    3923e385c04474b95c043dccf366318f837bb331cab5ddbf3e79b3cf68fe61f1

  • SHA512

    1eb46fd52d62d6ee0b4d3d323865a294c01b8938635d95639f3042be182cd5e7ea41f4458378aac9eb1939b65fcc3f812c3f04bd9d86126269bd872f39531b60

  • SSDEEP

    768:he6RKrrq1haq/b4548dWS24Pq6a4euUYSIKffx7T1wBWpZdQZur2:hZKrEh9zwlW6a4euUYSIIx7NHd5r2

Score
8/10
persistence

Malware Config

Targets

    • Target

      3923e385c04474b95c043dccf366318f837bb331cab5ddbf3e79b3cf68fe61f1

    • Size

      51KB

    • MD5

      90ca9ef857133b48966dd0bf39fdca1c

    • SHA1

      47f948dfdd4b12605a7b658d461419b4d1807446

    • SHA256

      3923e385c04474b95c043dccf366318f837bb331cab5ddbf3e79b3cf68fe61f1

    • SHA512

      1eb46fd52d62d6ee0b4d3d323865a294c01b8938635d95639f3042be182cd5e7ea41f4458378aac9eb1939b65fcc3f812c3f04bd9d86126269bd872f39531b60

    • SSDEEP

      768:he6RKrrq1haq/b4548dWS24Pq6a4euUYSIKffx7T1wBWpZdQZur2:hZKrEh9zwlW6a4euUYSIIx7NHd5r2

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks