General

  • Target

    Protector Del Este S.A.exe

  • Size

    576KB

  • Sample

    230208-rglqbsag7t

  • MD5

    bf960f17b0877adff061e419d113bde5

  • SHA1

    8e7e8814f259fdbc24ae575d84efe899c4bd0fb1

  • SHA256

    422bbbe224d6d58280c2fa801357b70528504d318d1f073025b0042ed99e6bbe

  • SHA512

    9f01030004f734bdf526c83c00ad58e3500bde52adb187ba99d89908d3660863c9139040270d6615928ded0fe9d2eb4508a62c167864a5843841eb63c3205414

  • SSDEEP

    12288:PrD1Ec7ItKCZEQfrCvSTD7r35JpWrNdyOL8aWPXMv5swACzhE+Busk2ai/4CV:PrRtYNFjLlkzwP8vlVE+BY2V4c

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
