Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1654d222bb...eb.exe

windows7-x64

10

1654d222bb...eb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1654d222bb4996a25c2aa034646d6a7cd69e8c89289249186fd3f55d4879c0eb

  • Size

    288KB

  • Sample

    221207-d26pcaeb3v

  • MD5

    074553c86014e2baa43c90f85e14d169

  • SHA1

    fad41dc20aa986a58adb45a36570a88eb4930ecb

  • SHA256

    1654d222bb4996a25c2aa034646d6a7cd69e8c89289249186fd3f55d4879c0eb

  • SHA512

    71655f39f598b5643ebc4213fa7c19dc72826be4a3147899b8c0594d11b2df415d0ed0cb72410a95779a087515d5ddf9c64c31348999833f9e1b3248d36d288c

  • SSDEEP

    6144:tMVuUE2lqKhG0wF+kAbUtshbrm3X+DLKlzNgGVRwZBf5Wg9w9CXvn1OHyaFvF+5s:t9VTJabvhfm3XJ1tipsLH

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      1654d222bb4996a25c2aa034646d6a7cd69e8c89289249186fd3f55d4879c0eb

    • Size

      288KB

    • MD5

      074553c86014e2baa43c90f85e14d169

    • SHA1

      fad41dc20aa986a58adb45a36570a88eb4930ecb

    • SHA256

      1654d222bb4996a25c2aa034646d6a7cd69e8c89289249186fd3f55d4879c0eb

    • SHA512

      71655f39f598b5643ebc4213fa7c19dc72826be4a3147899b8c0594d11b2df415d0ed0cb72410a95779a087515d5ddf9c64c31348999833f9e1b3248d36d288c

    • SSDEEP

      6144:tMVuUE2lqKhG0wF+kAbUtshbrm3X+DLKlzNgGVRwZBf5Wg9w9CXvn1OHyaFvF+5s:t9VTJabvhfm3XJ1tipsLH

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks