General

  • Target

    41d1642b55e0676d0bec66325b3dcb66

  • Size

    3.6MB

  • Sample

    240104-y4mpgabch8

  • MD5

    41d1642b55e0676d0bec66325b3dcb66

  • SHA1

    cb47a71340cb2d6365a18d7caae63e906fb9a883

  • SHA256

    15db1f59b96bfa82618e48e8a149533fbdfdb1e8376059e19d23f24a09901015

  • SHA512

    6b82ee05bace9679032db3cb9886a4880a80e37713c3e143cf70d4edf6834a2cc2bafc00c009639c84022bc81ed0d93434b8f073c5a288d5894256355d2937e5

  • SSDEEP

    49152:MWVwEWxNIjbMoMMMWVwEWxNIjbMMMMMWVwEWxNIjw:gEWxvEWx7EWxR

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
