Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

sero.bat

windows7-x64

7

sero.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sero.bat

  • Size

    12.4MB

  • Sample

    231002-1m49asgf47

  • MD5

    46392f93dbe11365dcc6057a0e0c3c6f

  • SHA1

    f5e14d896d366a2d0c856aebff5ec1c7e9f5197e

  • SHA256

    4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83

  • SHA512

    148f834fa1bed7acb833ad90c2e1782ac4af06a386ed45e95c0dae3b69cd6950330e9827f188a9cf71150db732737751f979d29814e0dde69e1d48dbb283cff3

  • SSDEEP

    49152:UibWQBcVln6vHr2y7++rl77xFiIf5n/IXNgbNTcw3fbRGI6U1MaRaLkFXhzhLBxV:V

Score
10/10

Malware Config

Targets

    • Target

      sero.bat

    • Size

      12.4MB

    • MD5

      46392f93dbe11365dcc6057a0e0c3c6f

    • SHA1

      f5e14d896d366a2d0c856aebff5ec1c7e9f5197e

    • SHA256

      4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83

    • SHA512

      148f834fa1bed7acb833ad90c2e1782ac4af06a386ed45e95c0dae3b69cd6950330e9827f188a9cf71150db732737751f979d29814e0dde69e1d48dbb283cff3

    • SSDEEP

      49152:UibWQBcVln6vHr2y7++rl77xFiIf5n/IXNgbNTcw3fbRGI6U1MaRaLkFXhzhLBxV:V

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks