General

  • Target

    5ceb35fa7b3e7ca8e24248bd240395c5b3c9c3cfa16407583f73dcb4d9692fb0

  • Size

    280KB

  • Sample

    230830-x7gf7aac37

  • MD5

    16684e38b1f2fde820b8531dbcd1eed6

  • SHA1

    113944e270e5ca9498bd5cac4bff326bff8c675a

  • SHA256

    5ceb35fa7b3e7ca8e24248bd240395c5b3c9c3cfa16407583f73dcb4d9692fb0

  • SHA512

    f2a2d0e1021aab920180c698eca4677346431779abfdbe71845eae99a1eef71a8b6b3ee006ab6c181eeb1104906834ccebbf0462627d9811d52ee43f183338a1

  • SSDEEP

    6144:WXSQ8BCMis1TMrRQwy7eIeCDbFcEOkCybEaQRXr9HNdvOa:WXv8BCLocRZy7eIeyb1Okx2LIa

Score
8/10
upx

Targets

    • Target

      5ceb35fa7b3e7ca8e24248bd240395c5b3c9c3cfa16407583f73dcb4d9692fb0

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory
