General

  • Target

    everything.exe

  • Size

    1.7MB

  • Sample

    231123-ppfg6sae8z

  • MD5

    f55d52d5d690a8e1b2df9217bc3ddfdf

  • SHA1

    0e45d3a28cc096dc7edc1208f7428d66335df11a

  • SHA256

    59f57803fa5235075c3e470e1006905a61236e491bb75a599d862cafcfbb529f

  • SHA512

    4101015760dd2b1d9cbf9586802e610bbe6f74b73bc5dbb4391417afe8fa20762a84b04cd15019b54107d8ad0e4fc523f25403482431dd53aec3d07a4b217941

  • SSDEEP

    49152:p4JJILzCkp/SzrIXKgltQlZ9mwm/PU5KLOR0qkM8+Ou1:p4IuzrIXltEDjm/PtLORlm01

Targets

    • Target

      everything.exe

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
