General

  • Target

    2da489b1b06b9ecf3b96f08d4d686cd31be7f322b15681013c9d1709d5f6974c

  • Size

    2.8MB

  • Sample

    231213-z5wt7sahc4

  • MD5

    dfd0afd320b4732a5bc3d1854c16cab6

  • SHA1

    f2f6e061918dd7f6ad432f90f01f678563641e5f

  • SHA256

    2da489b1b06b9ecf3b96f08d4d686cd31be7f322b15681013c9d1709d5f6974c

  • SHA512

    1ede26a212fd2442ad94734561ae07a401efe977737c2aba610400f6928a07fc8adef44ca0e7a0f294d5945c29a3db76f4e91d6a68e216b50dc28098c2d1d742

  • SSDEEP

    49152:HMlnVojpGuWCNDCBoMSWQQp73DIe1eyrzC4getH7nDWurwX8P2WygCd:lM3CD+ohWzp7TIe1eyrO5iDWussPZygM

Targets

    • Target

      2da489b1b06b9ecf3b96f08d4d686cd31be7f322b15681013c9d1709d5f6974c

    • Detected Google phishing page

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
