General

  • Target

    WeChatBackup.exe

  • Size

    4.6MB

  • Sample

    230419-jhq3fahb49

  • MD5

    e8deca5ced98aa0eaf15a9d5e9d7b3bc

  • SHA1

    289de6a64fac58f9fb1b65fdb7ecf63017f541de

  • SHA256

    b42333c1d370a88acc55c0c583aef1ac5992f59b603795f9e521472bd87f0472

  • SHA512

    0cdc582ce5e018304d740f5132da8b1e43197ebc4ae8b4a91ca2ba5e6cfd7af1c1f08e7d2246992df4081cb9f9ed289494900a3ce072e845ab565de39651f137

  • SSDEEP

    98304:YF7kHd+VwnB0fgDPwQNY842E1AqrKHUzJbE6UE4LqCkFn+hATOGa67yJAsLhLIDi:/HkCnB0fgDPw+5JBqrKHUzJblg2Fnknr

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
