General

  • Target

    NEW INQ vGT410267234500633.exe

  • Size

    384KB

  • Sample

    231122-fy99gabc4x

  • MD5

    d94b223af3fd6bedbc1552ffc63b85cd

  • SHA1

    d7524fd3525faa6af6d4c329167c322062fb77b6

  • SHA256

    bca02faf8b705cffad72deb87ef895ce6626636d498e05b274b079c9ace3dc5b

  • SHA512

    e91ef8c196f5fae0c5f097175c67c2a7a7988d384ee3bba0468deb4c22c6c3292b4b138cd382430922d80d95daed227057870364fdf0ba5ec413dd61c0162955

  • SSDEEP

    12288:RKt9zvWPOpk/oxQD9inI3PnmLws4475zzgBQvamwvq:oLzpxQD9iIPn38zzwi

Score
7/10

Targets

    • Target

      NEW INQ vGT410267234500633.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
