Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

21ad40ebba...23.exe

windows7-x64

8

21ad40ebba...23.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21ad40ebba38ba8b5112e5efa800de23

  • Size

    123KB

  • Sample

    231231-arydfagca7

  • MD5

    21ad40ebba38ba8b5112e5efa800de23

  • SHA1

    3e2702cfd93c19a61ff840e90f2b8ae8a9219cc5

  • SHA256

    a68472503f47b5c26530df3d7f346cd94a2641f94fe81092c6e1dc968de543ba

  • SHA512

    205decc5aede504c71898d5f6a59002fb5f48014c4846e2110b0d3cf019daec3dc3f93f036f90c495ee168593d4a111d6360125f064b7607e516500db7ce4297

  • SSDEEP

    3072:JNV7lSLVJy8cfzsbZpZhrVFBmQy6Ge2QLxo:JPl0y/fcZbnlHGgLxo

Score
8/10
persistence

Malware Config

Targets

    • Target

      21ad40ebba38ba8b5112e5efa800de23

    • Size

      123KB

    • MD5

      21ad40ebba38ba8b5112e5efa800de23

    • SHA1

      3e2702cfd93c19a61ff840e90f2b8ae8a9219cc5

    • SHA256

      a68472503f47b5c26530df3d7f346cd94a2641f94fe81092c6e1dc968de543ba

    • SHA512

      205decc5aede504c71898d5f6a59002fb5f48014c4846e2110b0d3cf019daec3dc3f93f036f90c495ee168593d4a111d6360125f064b7607e516500db7ce4297

    • SSDEEP

      3072:JNV7lSLVJy8cfzsbZpZhrVFBmQy6Ge2QLxo:JPl0y/fcZbnlHGgLxo

    Score
    8/10
    persistence

    • Adds policy Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks