General

  • Target: 0470bc9b6883cab32f8e20ea352ed02d
  • Size: 2.4MB
  • Sample: 231224-ta64sshhd2
  • MD5: 0470bc9b6883cab32f8e20ea352ed02d
  • SHA1: cd8eb96e56e852c1cb420b401a2c8c488aac8543
  • SHA256: 44e6496622a32cf8b38caad776fd12c8698a5082caa1d5868e21386777d91646
  • SHA512: f1021aa68fd9d390514c16be897a4e442637f3cb62c6b7f553dd45b787ee1c2d963ed99d8e726d6650c509c5b6747fe17a806595a9889e94ea1b0b3e840ce0ca
  • SSDEEP: 49152:GJaSVA+AsBXue0dMpOBFOEhQf5Uv+dqPS7LxNPiVM2xqU17/bJEbEIwFYdAs/:2bVA+AsBXwep6OEhQxU2dgm3iM2xqUxm

Score
10/10

Malware Config

Targets

    • Target: Photo01 By ‮‮‮‮gpj.SCR
    • Size: 547KB
    • MD5: dc5e556beac206f025de1c9f92d2e39b
    • SHA1: c0820fed333a9bb3c800950e5d3f46b0ade731e0
    • SHA256: 560e31e0a9b21391f252a3096e2e0e495eb7c33a7548de1d71dea1a334536aee
    • SHA512: 4f34c33157fa78e7d068480962ad30116673a62fff7591b95d245e3cdc56e218cb6c8cc63ad1930d555a033ce810ba929c9040ebcc7df61099f673fbb8e6b621
    • SSDEEP: 12288:oXTxe8fUp6qreT2A+FY0u7qMg+RIGjFGKOyeRJatK:xpVLqg+KW5b3tK

    Score
    10/10

    • Modifies firewall policy service
    • Checks computer location settings
      Looks up country code configured in the registry, likely geofence.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks