Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Empty.exe

windows7-x64

1

Empty.exe

windows10-2004-x64

1

Setup_00.exe

windows7-x64

7

Setup_00.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a80cc0f763292c5870ee4e6b9a92b8e

  • Size

    1.3MB

  • Sample

    231231-gff4cagdfq

  • MD5

    2a80cc0f763292c5870ee4e6b9a92b8e

  • SHA1

    c5ba0d80bce10fce4a8e6a29fa40e68d35d07c12

  • SHA256

    6ca21fa08dc9ddd9de16490e29bbeb3e1283a15c5e2e0b13e0a7db430dcad478

  • SHA512

    54e96f86f7678149166a6fc5ddded7f25449d1740c1927e8fb60e83cdbceff8cf68d0749db225803b7f1d8434b33010e905d70f09f70ce4fffd81399e2ec3832

  • SSDEEP

    24576:Hg1NDLFonKbm/flWKPWfKesKgC1qN0lDoCfbOl915wv8nQvL7mlYjXvdD/9Jc:ALe6mswAUC1qN0VoWbO315h2OlYjXvdY

Score
7/10
persistence

Malware Config

Targets

    • Target

      Empty.exe

    • Size

      2.0MB

    • MD5

      7aa04d3d60c29beb75ef0d3f7bceaff7

    • SHA1

      a3dd66af20410a71744d405b202ca818cfe31d64

    • SHA256

      479d8c28fb66edb0b2a224d556cb33a4475e1e75e632c5ab285dd2335f9c8a01

    • SHA512

      d78a2a8faa12ca023fa7a08e36b7b3521cf6a9eec6b7dee4a5c20fe29f1004f13c0e12c97f8cc2575599585595087af0cff4cebf82e9c2093e7756b8801169f4

    • SSDEEP

      24576:D2XkQaGBvEOBOhH8Jstf/SOiX1QiM/WQMvvUfRYa8pt0mvCYtnNSsz8hU+EWXmZ2:CXkQrvqfwkaHVtUsA/ETBd

    Score
    1/10
    behavioral1behavioral2

    • Target

      Setup_00.exe

    • Size

      121KB

    • MD5

      35765acf294fb5f8294e41b78975b5fa

    • SHA1

      6f0892ab9e7900f0838fe429b6d7077debfc1990

    • SHA256

      782dac7005ea26f34f175c7d6230801ff18d4d786713febfb5e6eb128bfa2cf6

    • SHA512

      5bd885b6a1b5770b5519b3d58f6c6d55da1b873ddc4946da705238fc3f4891dd9f77a86c7b0aba25908e1592b4c4c8c1854e0a6d5710b70309ab8e44580b83ea

    • SSDEEP

      3072:MGu9BlfzWIbXWm+w0Jp5ilmb9NN0xF+LBQCdZu9i:M/0uotbnN0iL1X

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks