Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

Half-open_....2.exe

windows7-x64

8

Half-open_....2.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Half-open_limit_fix_4.2.exe

  • Size

    360KB

  • Sample

    230923-g9nqaadd6s

  • MD5

    f35d7d71ca9764a02a3ee4876c0be0f5

  • SHA1

    f1a25502e86ba9babb9d22bcfe165668f936b329

  • SHA256

    bb59a39a6db7a08ebe4cdf80bdf044c8056a09210076336b141c514506f39472

  • SHA512

    b1485c7f4508e783d53fd0c87ed940ca552bf9333420f877833fdb2c81bba87a1d6d9d5d6d2867d8b769282c786420988f16c3a4eaf17fee2b428f34cd4082c0

  • SSDEEP

    6144:C4vctX8ORFpVO8YksvQJ2Txvu6lRcRK05qzdUKEbKU5jwU3IIazQw55+/:CljpVO8YksvQJ2T5u6li5qBEbKWwQII9

Score
8/10
discoveryexploitupx

Malware Config

Targets

    • Target

      Half-open_limit_fix_4.2.exe

    • Size

      360KB

    • MD5

      f35d7d71ca9764a02a3ee4876c0be0f5

    • SHA1

      f1a25502e86ba9babb9d22bcfe165668f936b329

    • SHA256

      bb59a39a6db7a08ebe4cdf80bdf044c8056a09210076336b141c514506f39472

    • SHA512

      b1485c7f4508e783d53fd0c87ed940ca552bf9333420f877833fdb2c81bba87a1d6d9d5d6d2867d8b769282c786420988f16c3a4eaf17fee2b428f34cd4082c0

    • SSDEEP

      6144:C4vctX8ORFpVO8YksvQJ2Txvu6lRcRK05qzdUKEbKU5jwU3IIazQw55+/:CljpVO8YksvQJ2T5u6li5qBEbKWwQII9

    Score
    8/10
    upxdiscoveryexploit

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks