Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

8e0343df8a...ex.exe

windows7-x64

10

8e0343df8a...ex.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e0343df8a271bexeexeexeex.exe

  • Size

    198KB

  • Sample

    230709-sfjp1sdf52

  • MD5

    8e0343df8a271b98ac356be383f32078

  • SHA1

    fae52783f90d4cb7f618b804c95d99a4a2c66aaa

  • SHA256

    2cfcadc131ec7c5cd04d3a7af3f0818b6d92f3119ac21d8f2e53521595661bf6

  • SHA512

    65273fd2652906848fff92cc05abcebdaadc3e94de4f52f950302ad8ecefe2fb68ab7518bf2aa35c0f60fcbc4d06460747470d27d44f34ca478534cad22eeb23

  • SSDEEP

    3072:9sw8IOstkYTrY4NnGjke/hg8RxM4CX/OGELiJeV23LTtp:9QzstPXNGoe0W9LiJF1p

Score
10/10
evasionpersistenceransomwarespywarestealertrojan

Malware Config

Targets

    • Target

      8e0343df8a271bexeexeexeex.exe

    • Size

      198KB

    • MD5

      8e0343df8a271b98ac356be383f32078

    • SHA1

      fae52783f90d4cb7f618b804c95d99a4a2c66aaa

    • SHA256

      2cfcadc131ec7c5cd04d3a7af3f0818b6d92f3119ac21d8f2e53521595661bf6

    • SHA512

      65273fd2652906848fff92cc05abcebdaadc3e94de4f52f950302ad8ecefe2fb68ab7518bf2aa35c0f60fcbc4d06460747470d27d44f34ca478534cad22eeb23

    • SSDEEP

      3072:9sw8IOstkYTrY4NnGjke/hg8RxM4CX/OGELiJeV23LTtp:9QzstPXNGoe0W9LiJF1p

    Score
    10/10
    evasionpersistenceransomwarespywarestealertrojan

    • Modifies visibility of file extensions in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks