General

  • Target

    046753b5aa6691c61045ec71b8094677.exe

  • Size

    739KB

  • Sample

    230328-2splgadg52

  • MD5

    046753b5aa6691c61045ec71b8094677

  • SHA1

    8551d892ce75e35a1ebc2813da545857d2b523f9

  • SHA256

    e23c61fa4ef7e35270d2682f6da5fa067a3610507a3d631d67fcf060302a54dc

  • SHA512

    c9051920c6c7469b341ba30c23104ad6ac0009e31e30744922b4b6a7af5e634a525285b0cd8a828648beb2cf88eb8462feb06ec5eb4513fa78e0a223f45cb2b9

  • SSDEEP

    12288:RQDc7YUSW3QDzJ80MRtOE/d9yfZ1+YAJ:g+QXJ80MRtOE/jq2Ym

Score
7/10

Targets

    • Target

      046753b5aa6691c61045ec71b8094677.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext
