General

  • Target

    9b5cffd1061d2c40b427637d069cde28b639dbebb23a357567168c8806d4038e

  • Size

    312KB

  • Sample

    230213-dsfrkaae33

  • MD5

    a63057366b53fe3c59b9491bdf73587c

  • SHA1

    45ddabd33f3f1f3ca48497d059bb78aa0cb2f69e

  • SHA256

    9b5cffd1061d2c40b427637d069cde28b639dbebb23a357567168c8806d4038e

  • SHA512

    a51461ce3c278cbeef32486fa06793e52f2a718cd9ccc27af553068b66cb2763965a3f59e9f168af32702c5c6037610160f66542892933eee199554e7e8cfdd9

  • SSDEEP

    6144:IviyYPpr8AE0W0H2Xe1L8AAXb25160uYR+kkEPD:Ivh0W0WX8L8TXO60uYRGEPD

Score
10/10

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
