Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

doworiginal.php.html

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    doworiginal.php.html

  • Size

    3.2MB

  • Sample

    230314-w1dlaaha94

  • MD5

    baa5798f8232023b99fa57521ae07550

  • SHA1

    378018b212bf52c4e958f5bb4ffa3a515b6ef9e8

  • SHA256

    f027e5c94a106926b7ebbb576f75adec9ef6e9a35b6e4b2d7b7fc48429d4148a

  • SHA512

    1d36fd6faf03dd8428b50db7b5ff612186ccccf3599f9d2065f0c85bdb31facc273b9aa4eba375623ea63b0c7fd27bdd41bfd19fe9fe85e8750456c73431206a

  • SSDEEP

    49152:4hl1hjv8Imh0112W1urqhDNgcW8ieuzlO6H:5

Score
7/10
persistence

Malware Config

Targets

    • Target

      doworiginal.php.html

    • Size

      3.2MB

    • MD5

      baa5798f8232023b99fa57521ae07550

    • SHA1

      378018b212bf52c4e958f5bb4ffa3a515b6ef9e8

    • SHA256

      f027e5c94a106926b7ebbb576f75adec9ef6e9a35b6e4b2d7b7fc48429d4148a

    • SHA512

      1d36fd6faf03dd8428b50db7b5ff612186ccccf3599f9d2065f0c85bdb31facc273b9aa4eba375623ea63b0c7fd27bdd41bfd19fe9fe85e8750456c73431206a

    • SSDEEP

      49152:4hl1hjv8Imh0112W1urqhDNgcW8ieuzlO6H:5

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks