Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Primordial.dll

windows7-x64

7

Primordial.dll

windows10-2004-x64

5

Resubmissions

03/09/2023, 00:09

230903-afx9asfg8t 7

02/09/2023, 23:31

230902-3h44vafg31 5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Primordial.dll

  • Size

    17.1MB

  • Sample

    230903-afx9asfg8t

  • MD5

    813f69f601f2177a14e9282e14bcffa1

  • SHA1

    66c3b6ee63eb0852ac2dfd2e9afc1e3dc56767f8

  • SHA256

    8aac99035f9d59d4b903ea0792fd102ef39d613a670a5346c3aa747c1e0b9a5e

  • SHA512

    bab6d141a151af3fa4b6e278ea43d8efced6a99f8a9279f81fb5f9deca6c35e1865b390dbcf1d34d7925f3c170965b41a129be6978107d13b052b31d914065df

  • SSDEEP

    3072:1lbMw6KQE0K19jxph0LR/hSMXlk4ZqKFya5XB67Tzn+Yl:145Enph0lhSMXlBXBWH+Yl

Score
7/10
persistence

Malware Config

Targets

    • Target

      Primordial.dll

    • Size

      17.1MB

    • MD5

      813f69f601f2177a14e9282e14bcffa1

    • SHA1

      66c3b6ee63eb0852ac2dfd2e9afc1e3dc56767f8

    • SHA256

      8aac99035f9d59d4b903ea0792fd102ef39d613a670a5346c3aa747c1e0b9a5e

    • SHA512

      bab6d141a151af3fa4b6e278ea43d8efced6a99f8a9279f81fb5f9deca6c35e1865b390dbcf1d34d7925f3c170965b41a129be6978107d13b052b31d914065df

    • SSDEEP

      3072:1lbMw6KQE0K19jxph0LR/hSMXlk4ZqKFya5XB67Tzn+Yl:145Enph0lhSMXlBXBWH+Yl

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks