General

  • Target

    72c50bb47ae31af0b64594a40c195ea174822d84c455da5356726cbf3b031948

  • Size

    304KB

  • Sample

    231114-lqfyjsbc39

  • MD5

    b728c2840a02568443366cf9d31b4e79

  • SHA1

    290262cf698471ac7a25c002cc5e32c45343354a

  • SHA256

    72c50bb47ae31af0b64594a40c195ea174822d84c455da5356726cbf3b031948

  • SHA512

    663f58c57f7fb01fec32c6a7f72742edf45c37f4e12caef7def07e504d1aefcf51d873fc28682161a0affbcf536f40e967049f84a6376f33cb1e1c77f0be9de5

  • SSDEEP

    6144:vIMnCyxDUQyNjIY6UAik3W6EoXJAOueOef5SG4X9Wx+8tCNyY:1C2U3Nj56Jik3n5EeOK8Mx+8kNH

Score
10/10

Targets

    • Target

      72c50bb47ae31af0b64594a40c195ea174822d84c455da5356726cbf3b031948

    • UAC bypass

    • Downloads MZ/PE file

    • Modifies RDP port number used by Windows

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
