General

  • Target

    1df3ca3f121e7606f16c05fbec1f2d97925002242cf534118f522664ba689a52.zip

  • Size

    165KB

  • Sample

    231119-1xnz3ach5v

  • MD5

    13bef698d3f9509cdf04e827c235931f

  • SHA1

    b4ceec99b6d3c4a90b132daaeb5c78f3c99b3ef3

  • SHA256

    86ff60660548474be32dfd8fe9678f99ad040fa0462e7d5d6a33907bf85cace3

  • SHA512

    58d22800df1e3ddfe3a9ebd236aab09367adb69ac3e35c06063f337a30ab3cfa8b4018a42ccc80c7adf7a20e11e74037cce7fe06c398061f8293e884a361c8df

  • SSDEEP

    3072:8kgAOLyIMmJBrV01cggYFAuT9U+Y8FlGJLPblumCw8+p9aI/FRfznXv:NUlMmLCegF6UR3Ggm2+xR7Xv

Targets

    • Target

      1df3ca3f121e7606f16c05fbec1f2d97925002242cf534118f522664ba689a52.exe

    • Size

      275KB

    • MD5

      1669261e33a42f156e7480fcc5f10972

    • SHA1

      78e1200116b4dbfde22cc0283ed83c27f47c383f

    • SHA256

      1df3ca3f121e7606f16c05fbec1f2d97925002242cf534118f522664ba689a52

    • SHA512

      bea5cb46df4d6c9608459144fe6f0dc5574ab39ec643ba1ca559c8ee0adfb4be25df94ee75aee60f65ac3f2aabb5667c6da13239ac4a88bc82ee1a0453a42e60

    • SSDEEP

      3072:/9xVbJJP04OhKkd05278dQoT+pkM4/L3ss4rVKUEA9XvVyTRqRlVfccHAC/p4KCK:Ld30V50kAT+mM4/rssw37DRlVfciz5

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
