Resubmissions

25/02/2025, 18:31

250225-w51ava1jt9 8

11/03/2024, 23:35

240311-3leclahf51 8

05/09/2023, 14:57

230905-sbr6lagd82 8

12/04/2023, 00:00

230412-aaqx2ahh3w 8

General

  • Target

    Elo.exe

  • Size

    96KB

  • Sample

    230905-sbr6lagd82

  • MD5

    26b12d61e9e62412748069275521be1a

  • SHA1

    6206f2f1256774a058998da3517cbffc5e70270e

  • SHA256

    a6f48afd03aaa15824a2182e20088a4595f795766f78d679416d123ec17e1de5

  • SHA512

    0e28b335d373c7d1d92f15bd412886472db66ad9b1ab9a4fcae6f1338df07785a62b03ff069aea9543a850c95e9990e3107e0114d63f207721e897b859956491

  • SSDEEP

    1536:f7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfswociK1CFOU:T7DhdC6kzWypvaQ0FxyNTBfspwYp

Score
8/10

Targets

    • Target

      Elo.exe

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
