Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

1e567e8014...52.exe

windows7-x64

10

1e567e8014...52.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e567e801406427827e509bf37646d52.exe

  • Size

    424KB

  • Sample

    240101-mdjpcaghaj

  • MD5

    1e567e801406427827e509bf37646d52

  • SHA1

    726221e2a319c2e6ce28117519239740d79dc04f

  • SHA256

    6c74e50ceaa637126b99063629235109343c9d26a47b5600b8ab0d89d7718b8e

  • SHA512

    ce2e4d5aa6dbe95a4f7729c5467cb6a639542e057c29aa7a0b28dc932d1076d52519739fe16097e69af195f2871b247aa226b6014c53ca633ea18f64483911ca

  • SSDEEP

    12288:+isrem3UQJ50J8HCpiz71c2E1GvGc62e:+isrDo8iM15Gca

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      1e567e801406427827e509bf37646d52.exe

    • Size

      424KB

    • MD5

      1e567e801406427827e509bf37646d52

    • SHA1

      726221e2a319c2e6ce28117519239740d79dc04f

    • SHA256

      6c74e50ceaa637126b99063629235109343c9d26a47b5600b8ab0d89d7718b8e

    • SHA512

      ce2e4d5aa6dbe95a4f7729c5467cb6a639542e057c29aa7a0b28dc932d1076d52519739fe16097e69af195f2871b247aa226b6014c53ca633ea18f64483911ca

    • SSDEEP

      12288:+isrem3UQJ50J8HCpiz71c2E1GvGc62e:+isrDo8iM15Gca

    Score
    10/10
    evasionpersistenceupx

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks