Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e5bf61acc7b871c6ed3002773f2a29e662b66cb86083106d0c008274d081f23f

  • Size

    2.7MB

  • Sample

    221227-mjfjwahh8y

  • MD5

    ea63a5502a59050d85dc9f162540a475

  • SHA1

    1826f54a746e1170a5c08b2f02112f4df03e0d06

  • SHA256

    e5bf61acc7b871c6ed3002773f2a29e662b66cb86083106d0c008274d081f23f

  • SHA512

    b1bf083160ac38f43f8d12ee17860d76ebd446520ec2aa14f5a5245df5fa0d29b9f763d843f938e703a4966199dab19787626cdb647330234dad5bc158efabf6

  • SSDEEP

    49152:ZjLGLxbmMkZSipMKC76+De6jK31EhC0+kF7LtS6wI7q6zrGuRvu:ZjLG+SSlCglcCLkFnq6Gn

Score
10/10

Malware Config

Targets

    • Target

      e5bf61acc7b871c6ed3002773f2a29e662b66cb86083106d0c008274d081f23f

    • Size

      2.7MB

    • MD5

      ea63a5502a59050d85dc9f162540a475

    • SHA1

      1826f54a746e1170a5c08b2f02112f4df03e0d06

    • SHA256

      e5bf61acc7b871c6ed3002773f2a29e662b66cb86083106d0c008274d081f23f

    • SHA512

      b1bf083160ac38f43f8d12ee17860d76ebd446520ec2aa14f5a5245df5fa0d29b9f763d843f938e703a4966199dab19787626cdb647330234dad5bc158efabf6

    • SSDEEP

      49152:ZjLGLxbmMkZSipMKC76+De6jK31EhC0+kF7LtS6wI7q6zrGuRvu:ZjLG+SSlCglcCLkFnq6Gn

    Score
    10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks