General

  • Target: 383521539e46acf813ec377c5a647406fbb7596456dd6f51ff1d61cf3f42cab9
  • Size: 2.0MB
  • Sample: 221217-zlsy7shf25
  • MD5: 7f6bd690058401943b45f8bc8667eec7
  • SHA1: f8f6f35ba3acdf7e37993b4116c6ef90ee163505
  • SHA256: 383521539e46acf813ec377c5a647406fbb7596456dd6f51ff1d61cf3f42cab9
  • SHA512: 455ac13457f9417d2f4ece72cd1ba644ff80ccdbf4454b919d9689a4ae16456637bef963df8b131690ac9e4a0e3dfa1a866bdff29f65aaeebb36a1a413f8b402
  • SSDEEP: 49152:2pFtPeFTefWNTt0dYMuZDGmA8M9JNYPGmT:2pWeulpZa/8+YPGU

Score: 10/10

Malware Config

Targets

    • xmrig: XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Executes dropped EXE
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Uses the VBS compiler for execution
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks