General

  • Target

    179c225bcff75d26ca4577d77732f67d

  • Size

    26KB

  • Sample

    231230-n11rtadff5

  • MD5

    179c225bcff75d26ca4577d77732f67d

  • SHA1

    5e96cf772e4143e28cdd7693319c7d0d704ea305

  • SHA256

    93d63a89c3831bd2c922accb28ce7b02ab18e92c9856eaa465c09102f4d74a96

  • SHA512

    638af6d8b499af41993536ef0a5d21cfbb929765cec9009ce7579fc53c53835b78f2f91c75281c04ad5add2db57f548ea0ff12c5cd772dc8dfbc46faba183729

  • SSDEEP

    768:cf7T23HlfKG3hT/sCWTxVsIhxN0qfFXGn:kH2Xl39EdL92n

Score
8/10

Targets

    Score
    8/10
    • Drops file in Drivers directory

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
