Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c475777b23...cc.exe

windows7-x64

10

c475777b23...cc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c475777b2361308205e150cc95b93d59ea62f7f721f36b0ac1e17a3ae05ecfcc.bin

  • Size

    1.5MB

  • Sample

    230505-x67xrahc95

  • MD5

    acf5f8ea08344b58eeb8d546b01fe689

  • SHA1

    1ed97ea8e34d8af7a5bb36f73ac6145724719f3e

  • SHA256

    c475777b2361308205e150cc95b93d59ea62f7f721f36b0ac1e17a3ae05ecfcc

  • SHA512

    f4ec7e2a4f407401b3a951ce4fd05f6ed511d834338185a644bbf3fc213efd2451718e7b775734ef7ae822e1223dd91c0d1efb976b220f3d8f1dd73021adbc67

  • SSDEEP

    24576:vyT2HQvGlUKcjtn6Rq/++GkO6nvgk6rhABJ7M+Tx/1+ASQmkgOvdmBH9:6KHQvGaKmt6M/JGkOzkhJL/1OGtvc

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      c475777b2361308205e150cc95b93d59ea62f7f721f36b0ac1e17a3ae05ecfcc.bin

    • Size

      1.5MB

    • MD5

      acf5f8ea08344b58eeb8d546b01fe689

    • SHA1

      1ed97ea8e34d8af7a5bb36f73ac6145724719f3e

    • SHA256

      c475777b2361308205e150cc95b93d59ea62f7f721f36b0ac1e17a3ae05ecfcc

    • SHA512

      f4ec7e2a4f407401b3a951ce4fd05f6ed511d834338185a644bbf3fc213efd2451718e7b775734ef7ae822e1223dd91c0d1efb976b220f3d8f1dd73021adbc67

    • SSDEEP

      24576:vyT2HQvGlUKcjtn6Rq/++GkO6nvgk6rhABJ7M+Tx/1+ASQmkgOvdmBH9:6KHQvGaKmt6M/JGkOzkhJL/1OGtvc

    Score
    10/10
    evasionpersistencetrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks