Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

CurseForge...er.exe

windows7-x64

8

CurseForge...er.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CurseForge - Installer.exe

  • Size

    2.0MB

  • Sample

    230703-ankyyafc9s

  • MD5

    e6ff884cea8989c965daa8a6ade05343

  • SHA1

    8b12de4870f915ccce7b7cf313c01ec8241fa633

  • SHA256

    51a3f24e2a6e32b508b33285969e4b7595c7d4975e544dbdb438974fc03b08ef

  • SHA512

    abdc0a4e914c6eadc74e31512f293f721ed035209325bed05a3c79401facb3536582011393a761a1d7d65418b0ee40b081a338b2e3ebdefcdc127435ac0db365

  • SSDEEP

    49152:f1Rce6xE87vxpsrFpIvgV7Rlh4TrAzPYnsBYkjLRUcJ:fj4PN+TIvWOywn/4C

Score
8/10
persistence

Malware Config

Targets

    • Target

      CurseForge - Installer.exe

    • Size

      2.0MB

    • MD5

      e6ff884cea8989c965daa8a6ade05343

    • SHA1

      8b12de4870f915ccce7b7cf313c01ec8241fa633

    • SHA256

      51a3f24e2a6e32b508b33285969e4b7595c7d4975e544dbdb438974fc03b08ef

    • SHA512

      abdc0a4e914c6eadc74e31512f293f721ed035209325bed05a3c79401facb3536582011393a761a1d7d65418b0ee40b081a338b2e3ebdefcdc127435ac0db365

    • SSDEEP

      49152:f1Rce6xE87vxpsrFpIvgV7Rlh4TrAzPYnsBYkjLRUcJ:fj4PN+TIvWOywn/4C

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks