
General

  • Target

    11aa6ef17a79a77cfb8c1d10f25a99df4d289ca13a8f26fcf9c69e31a434a5df

  • Size

    203KB

  • Sample

    231124-jxemyshg8s

  • MD5

    777f37e8cdc11ac1cd0c077641e3c408

  • SHA1

    59b520ee80cf28cc30e8764e9f1fde919f31710e

  • SHA256

    11aa6ef17a79a77cfb8c1d10f25a99df4d289ca13a8f26fcf9c69e31a434a5df

  • SHA512

    f94b3dddbac3b5d2c75056de524dbd2a34276b7b590aeea5e57754d2a71061cd8224c9c6c80ae8cc7950d363307f1a1d6401a59ef7c7f7f2c7c0578b9532ac84

  • SSDEEP

    3072:DE+COyprOTLLvfkgev+oHvE0bMzhHkFTeVxLsc7bZJMn0yDpDkvhxBh:DzQprOTLbkgONvZ4hHD3ZSkvV

Score
10/10

Malware Config

Targets

    • UAC bypass

    • Downloads MZ/PE file

    • Modifies RDP port number used by Windows

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks