General

  • Target

    1a4d0807e2bfc6217e8ccdd1909111a2

  • Size

    248KB

  • Sample

    231230-qycnbadce7

  • MD5

    1a4d0807e2bfc6217e8ccdd1909111a2

  • SHA1

    eefc705d2ad689bd3aea4466cbcaebdb649d2f99

  • SHA256

    96b32cf057284f68cfca119a9560954ee76f9a7f7634e545c15d9b3b70566bbb

  • SHA512

    9845bcecdc54212da2c4db48b8cdeac23f433186d7809919c71db8c54edae5fbeb1ef1f50bfdde34ef41fe0eeea59ec7eb60bf46ad209a80aec4263ae9bcabcc

  • SSDEEP

    6144:0HCyQXDsXB89crVEtKsv8sg+UrUDJAnnni8VPhNtj/t6pHt:0HCyQQRfrVET8sg+TDqnnnhNLtjViHt

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.