General

  • Target

    0af473977e2b58a3630dc2bd59245127

  • Size

    89KB

  • Sample

    231224-wt9edaeecp

  • MD5

    0af473977e2b58a3630dc2bd59245127

  • SHA1

    6b1086070e0918c428b4f6688fe2760c9ab9dfea

  • SHA256

    76fe72e0ecdc389b5749df5fe406cb70110b1ef8b64e51cf0a96da2fa2ec5eb2

  • SHA512

    d2f001ed413538368597585483c6745ab1bec058e227ada41937b75435f9456135b876e0ce40249389448b9769a37c3c06233c0d648cfaf9f613e42ad0b92450

  • SSDEEP

    1536:ef/SovFSSZtDgN+DpDkDEFtC+YF8965L+v:I/zv0SZtDgN+Dp+ErYF896W

Score
10/10

Targets

    • Target

      0af473977e2b58a3630dc2bd59245127

    Score
    10/10

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application
