General

  • Target

    49821681a577c7aa118eca3400d71d53.bin

  • Size

    8.1MB

  • Sample

    230630-bpq21sfg42

  • MD5

    bb9f56434c45339f9a53fcfea90e812f

  • SHA1

    baaec6c43e53decc890f6113647e399bf3a47ffd

  • SHA256

    f9cf3bf59fd159c244b689880005f41b3eb2afec3c98bcb3f1fd48f03606bb68

  • SHA512

    6621b5a922938b9f876859b2db2139fe63f7e1901ef0fe21c21e9bd0e4412c3bdd163258dd71de6b1f615cc14067b40e780c9dc1904041a1a91ad924959dd6a4

  • SSDEEP

    196608:/PGiV91Y8l73Xy18SR45zqM0ZDjAO24oLLrpz9o+B:/PF1Y8sXRnM0ZDsR4IdW4

Score
7/10

Malware Config

Targets

    • Target

      2658355af06f2bd5c9bb325e856723a362efcd9d9a8ee6a7c7f6ae5f85214e88.exe

    • Size

      8.2MB

    • MD5

      49821681a577c7aa118eca3400d71d53

    • SHA1

      e96ae5a5f90e3a4622b64e91d374bbbd102165d3

    • SHA256

      2658355af06f2bd5c9bb325e856723a362efcd9d9a8ee6a7c7f6ae5f85214e88

    • SHA512

      5985f9fe71814ebf41786ddb3c4d7a37cc31e79d81aab0d8008ab701325c404c1316a78eb96ace3f2be4394f3c4eed7249e1d54b526b1d8f6e84f00a18ef0002

    • SSDEEP

      196608:ihTb9B0BPrDz4pxgZZPy5RmStgxb/z6FDiSJXqeUh4mT:MTb9epDz4MZZ4RmxYDiScfhH

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
