General

  • Target

    inject.exe

  • Size

    71KB

  • Sample

    230519-r6948aec95

  • MD5

    43131cdba19b3766a4c6dd215965da74

  • SHA1

    4f089b9a2ab143073a136d8bee6043b600875a7b

  • SHA256

    d88b71064bd53cc44a7b5a7ab04c6b7e10aa804f5fa3fa1e8673d4e0a69c0bcc

  • SHA512

    27f01a2932dc97576018df2b94d6ebfc024099346304cddeae6559148c89289257fb7db8458910398e8af004a03f8bc165a8ed0f86bda8e3ddde65ea9e4aff9d

  • SSDEEP

    1536:8miSgAb/Ga4PvFiDbaRpZo1Lm6IPDOCdzbLgjLx:LggCtiDbMXMsOCdzb4x

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
