General

  • Target

    4cfa1545260df040cb0dcf90682ba03c542cee36171b144b0d79f2c9b4bde69f

  • Size

    2.8MB

  • Sample

    231213-1ebxsaheak

  • MD5

    c90c1126ed54c789bd6c9371dd40c7cc

  • SHA1

    0ed532a3a23781df913021c3e04eaf479890cb72

  • SHA256

    4cfa1545260df040cb0dcf90682ba03c542cee36171b144b0d79f2c9b4bde69f

  • SHA512

    ef7d2ef1772c0a0d1627ace4d90816244525b0c7c9f46c35a55ad6611a9722c9bb03177686a4497b5904247f3e9b0fca80ba6854b262e8d8d66a51ee323c6c49

  • SSDEEP

    49152:Ub9sMMJnV+2AZQTnCLKPBLGSm0QNO8kD6+7jpMEMy8x4giHsdxVRWVFgIDMsxM8t:pMQ7reK5LHmJNOf9jpMEQ5jdxwNu8yCJ

Malware Config

Targets

    • Target

      4cfa1545260df040cb0dcf90682ba03c542cee36171b144b0d79f2c9b4bde69f

    • Detected google phishing page

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v15

Tasks