General

  • Target

    c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad

  • Size

    7.8MB

  • Sample

    230529-hacdmsae5t

  • MD5

    958f350e78c9292316207e8d8fd66e2e

  • SHA1

    c4d2a25f50b714fe90a8b048c6ba78137e1fe47c

  • SHA256

    c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad

  • SHA512

    2707a112270c670d553819e9a96eb536c773e39317123f261f30f6488e9a6d597beb3a0cf82bb8418a6364b9831d3721627b44fb99170c65d9ae0f96ad9eaf5c

  • SSDEEP

    196608:ivd06be3DFKb9+8V+gpwMl9yNQKJSHqfQaMvC3uV7LA/HrzkV0RdS114:MVbuDFw3Fj8QiSH5/vC3ulLSrw2R8q

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
