General

  • Target

    1538aa2c65bb41501abc20e495da68ac

  • Size

    212KB

  • Sample

    231225-ltvk4sbeb4

  • MD5

    1538aa2c65bb41501abc20e495da68ac

  • SHA1

    e47083a31408b546450e535ec88430cad3d70d8c

  • SHA256

    1059b36b011117b936be98fcf4dce03621f335b211d4b48ef7f8fe736a45f911

  • SHA512

    54d3c91795ca018b5ef909933fd287904906e9cba30d03e1cdb060d797d6e7d1c5919257342d2e5b4d9f78666e57c035161121df954a1c4e36ba8d6f35fab483

  • SSDEEP

    3072:lrnL9FbyZMgSuuj6Uq6EGtCLBnkczjLqXs0EIdVwmC0Ei7:dVuulq6YLBNzjLLwXxC0Ei7

Score
10/10

Targets

    • Target

      1538aa2c65bb41501abc20e495da68ac

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
