General

  • Target

    3fef6e454b6841ebc1ceae89248b53c1

  • Size

    220KB

  • Sample

    231225-2bkk7abgg6

  • MD5

    3fef6e454b6841ebc1ceae89248b53c1

  • SHA1

    6e48907fa770bb7a2b89c3b4535b962aa2e2a7b1

  • SHA256

    4dbcd6d7018656d7e02347b02bd3e4cf8f68067eb8c16e33d218003edcbe8fed

  • SHA512

    2caff4d1525cc5ecc7adfc7a79d398192d23702c4992af6a7caf1350410685636a76e933be115b11606037d942e3aac2ed11e2b4df47f45cda3e66202a9186ec

  • SSDEEP

    6144:HpHdcNTSggNphV+kTVYLlu5U6ox1+ZpI3NeFb:HhNTV+KVYLQ5o1+ZK3wF

Score
7/10

Targets

    • Target

      3fef6e454b6841ebc1ceae89248b53c1

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
