Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

c88467a441...3a.lnk

windows7-x64

7

c88467a441...3a.lnk

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ba26b003f8f8b00da1bb1e4c12d109cc.bin

  • Size

    196KB

  • Sample

    231118-dbfegaag51

  • MD5

    e3133abf3254222315759aecf15c6809

  • SHA1

    bb153ee000847cd5c9184be42019d904931dd61e

  • SHA256

    a05d6e6dec8f17a057c808de2a6b76360563e7f0c37ad9be8ff706510b1cf9fa

  • SHA512

    57d96a3c6492295ba73b91b23a222d6b4e28ec2c01c483b8edfddae6d7050324fe4357d90a46670769c86d38ad1e6d0f0978664b745639a6fe80de13aaf81cc1

  • SSDEEP

    6144:+3kFXkGrgsa0zhKLIZYU67EdqbtBcngymjk1:+0FUdsgLdodqbGgymg1

Score
7/10
persistence

Malware Config

Targets

    • Target

      c88467a4416518a52ce45a51f96c9c280e3ece539613e82b0d9fe6f2d4122a3a.lnk

    • Size

      345KB

    • MD5

      ba26b003f8f8b00da1bb1e4c12d109cc

    • SHA1

      a88b3cc71121c9b96053049892abb98b4db3eedc

    • SHA256

      c88467a4416518a52ce45a51f96c9c280e3ece539613e82b0d9fe6f2d4122a3a

    • SHA512

      580de04b864c1dca99635d96344a8e866353633c40d27c366d7d9bb6797ec43106044a071c86338457b3f935ab7f7294b72b2d165b45392bb28f1dda0db9ed48

    • SSDEEP

      6144:ydr8fmEOmqG2K13qPIWAiC/Q5FNTrmwMtGQqOh5PAW7LebJcDgym8/kU0:0QDOmqzHPZAilTiwMtfh5P1Lo4kB

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.