General

  • Target

    recoverit_setup_full4174.exe

  • Size

    1.2MB

  • Sample

    230521-mhbvascb4y

  • MD5

    3e01349dab2dbe1158981ed976ca59f9

  • SHA1

    47189c1ec868823309193083a5b6311677893097

  • SHA256

    140f2e0a4f4163af3dc66274beb504a5ff554a46297c27ec039077b8d211b56f

  • SHA512

    96125b025e4117c376f1d4c5e54529fa69f0848049e086c5e264c1f597b46d4e6d8be4bfaea9f618375ee53e88b949e84d9892328b56ade27658f6cfff1a9625

  • SSDEEP

    24576:XOXAaO/6uSLYnFYARGDgrq/fSdYHhC/+EXNP7HkBNqEL7jtf6408:srW6uSLYnPRGDgrq/X0/lON9L7jk4J

Score
8/10

Targets

    • Target

      recoverit_setup_full4174.exe

    • Downloads MZ/PE file

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
