General

  • Target

    dbef98d9e25f35935fc7568c9bfb66fc

  • Size

    84KB

  • Sample

    231222-s2555sccf7

  • MD5

    dbef98d9e25f35935fc7568c9bfb66fc

  • SHA1

    04356714f37f3249231ee2bee7e8f0f0ad51868a

  • SHA256

    d085472f22677ffa702c0f4c0e1b90712d0fe266ba9d26de44b02273768e94b1

  • SHA512

    c042c1fcbddb5dd0513623d7f86ec83ea78ee4f959197466860f7ec88e9ba7f00d39efcdf09efbc6eff41ee0d04ca34baf6bdcaba5f5e54219f8888c5865eb4c

  • SSDEEP

    1536:AXVyiy/GZN5pBVqR/9eZZFnBTtTJQ1ExgSdh5zlVh7NipVVYRpTlOVSvEHFNFVzI:GV2diQVM9TIPT96q

Score
7/10

Targets

    • Target

      dbef98d9e25f35935fc7568c9bfb66fc

    • Size

      84KB

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
