General

  • Target

    4f2d0ffeb941208c8f247c874512336b

  • Size

    674KB

  • Sample

    231226-dpjn2sddhk

  • MD5

    4f2d0ffeb941208c8f247c874512336b

  • SHA1

    ba3716f08fb562a4b53306130d7b768b2d20383f

  • SHA256

    05d4ef2b202a6cb08e77e6b9ba71002118bf6fd1ff3ea5ba55707fedc9c1a561

  • SHA512

    bf78c8b27ea9f84b530f6e7fa802a2e97f0c67d30b94a01a3fbbda57be02ccee9dcc3edca8db8d5096facd2b26716646ab2b30453f80381243ac3efc5659f780

  • SSDEEP

    12288:DHgrruWY28YVn+W/UV85duS3zz6HffZa2W2:DHQvY2XV+F9SOTW2

Score
7/10

Targets

    • Target

      4f2d0ffeb941208c8f247c874512336b

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
