General

  • Target

    21539bc29b75eba7f203c6dfbad6f111

  • Size

    268KB

  • Sample

    231231-aj6pvaecb6

  • MD5

    21539bc29b75eba7f203c6dfbad6f111

  • SHA1

    ec7c4ffe8d1b749e721c749167bc89ec72776bfe

  • SHA256

    ff18bd17d818e81800acba7c65abef03e873d92aec882332468f4f66313b4804

  • SHA512

    32b0340174167cc77046e2a006038cb698595c805b2ea92cda32f2b7ec47e54e1ea1f8a1e67f50bc3e13fef69823f6bae7711da271ba6da874c07ee548582663

  • SSDEEP

    6144:CRPpbZRml8z94sYxeTfXys6zlbG95POPHQ7TlSqSeiD4/uhHCA4ydSZb0ng:KPpbZRi8z94da64RyHQ7TlUJ4/uLng

Score
10/10

Targets

    • Target

      21539bc29b75eba7f203c6dfbad6f111

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
