Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2d04ee6b96...f1.exe

windows7-x64

8

2d04ee6b96...f1.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d04ee6b96bc54b43e5dc257a3e5b4f1

  • Size

    386KB

  • Sample

    231231-h3v2fsebap

  • MD5

    2d04ee6b96bc54b43e5dc257a3e5b4f1

  • SHA1

    040ad46d8568ed45c6016a1b09819357d382775e

  • SHA256

    1b5807f4b8afe23ed12306e36b1e080d566cce63a7ab0d71a4c92df09a8492f8

  • SHA512

    bf1344c85ee70ca415d3cdb806578beb037b4d22db6fd0d9120c596337a4c538309283ec50a471f72c0c23d7ec25905cad288b98e85249c2fb2be4c412bf8788

  • SSDEEP

    3072:MEsmBEsmrEsmBEsmrEsmrEsmBEsmBEsmrEsmrEsmBEsmrEsmrEsmBEsmA:MZQZ+ZQZ+Z+ZQZQZ+Z+ZQZ+Z+ZQZV

Score
8/10

Malware Config

Targets

    • Target

      2d04ee6b96bc54b43e5dc257a3e5b4f1

    • Size

      386KB

    • MD5

      2d04ee6b96bc54b43e5dc257a3e5b4f1

    • SHA1

      040ad46d8568ed45c6016a1b09819357d382775e

    • SHA256

      1b5807f4b8afe23ed12306e36b1e080d566cce63a7ab0d71a4c92df09a8492f8

    • SHA512

      bf1344c85ee70ca415d3cdb806578beb037b4d22db6fd0d9120c596337a4c538309283ec50a471f72c0c23d7ec25905cad288b98e85249c2fb2be4c412bf8788

    • SSDEEP

      3072:MEsmBEsmrEsmBEsmrEsmrEsmBEsmBEsmrEsmrEsmBEsmrEsmrEsmBEsmA:MZQZ+ZQZ+Z+ZQZQZ+Z+ZQZ+Z+ZQZV

    Score
    8/10

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks