General

  • Target

    tmp

  • Size

    24.6MB

  • Sample

    231122-h48nyaah72

  • MD5

    3055c62a18308282506fdf461ea9ec89

  • SHA1

    b464491bff51eddb9dd9ca0d10dcefe681e68e78

  • SHA256

    a1843b35c71a0925985276ecced7040cae99d6635b6de7b50cb4630d3f3c2819

  • SHA512

    54b62463d7ad599576e993ae5aa4a5df6472a79be33a7a0198edd7c8daa8f385faf4f8b1976eaeb7e86fb82279e9e469e65580b1d1245d1ec0382830474f4558

  • SSDEEP

    786432:f9z+qZY4h5mcsxmTyjWswiAKO7MTFgCzjvfK9Q:7V5mfCsw3T7MTxzjvfsQ

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
