Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

04d4326343...e8.exe

windows7-x64

8

04d4326343...e8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04d4326343cdf1d4baef0f88aee6dce8

  • Size

    13KB

  • Sample

    231229-1n7e2sgefm

  • MD5

    04d4326343cdf1d4baef0f88aee6dce8

  • SHA1

    427d54e74f33b594ccf789145044e87cf7325492

  • SHA256

    609e27656ad00574815d2a355cf429da58e082ff6ba245e74e06335a4113ea14

  • SHA512

    a1233dff180afe52e8fc65d21b42ef9b1d97a98e8206bfe4183e85051b635e5956ce70355fd93abb7ca7caebdfdc9b27277ef8919a9ba9c7bb6a7e276d7158bb

  • SSDEEP

    384:FtTdZjseIebeqoM6Jw3toQTgQBi88+wYzLY:7bfLFoM76QTf4BYvY

Score
8/10
adwarepersistencestealer

Malware Config

Targets

    • Target

      04d4326343cdf1d4baef0f88aee6dce8

    • Size

      13KB

    • MD5

      04d4326343cdf1d4baef0f88aee6dce8

    • SHA1

      427d54e74f33b594ccf789145044e87cf7325492

    • SHA256

      609e27656ad00574815d2a355cf429da58e082ff6ba245e74e06335a4113ea14

    • SHA512

      a1233dff180afe52e8fc65d21b42ef9b1d97a98e8206bfe4183e85051b635e5956ce70355fd93abb7ca7caebdfdc9b27277ef8919a9ba9c7bb6a7e276d7158bb

    • SSDEEP

      384:FtTdZjseIebeqoM6Jw3toQTgQBi88+wYzLY:7bfLFoM76QTf4BYvY

    Score
    8/10
    adwarepersistencestealer

    • Adds policy Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks