Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ab7a3de713...f2.exe

windows7-x64

10

ab7a3de713...f2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ab7a3de7135318c2263530b855a14ff2.exe

  • Size

    452KB

  • Sample

    240107-xztfsaccam

  • MD5

    ab7a3de7135318c2263530b855a14ff2

  • SHA1

    0772f238e91d06a36c1fc3705a1cf6e65e14739b

  • SHA256

    9a351bd7f2a3ef4b58c2e54b4bc43bbc2d1dd41db7d2787c2007b58b570cb73a

  • SHA512

    13424cffe12a21b0826bab06cd7c73835c5346929604857285e7e0da7d1a63b1fe5d87e82f203ef9c1e5ab2024bf2e4826e3b741f922089a40c707c0f0d98903

  • SSDEEP

    12288:9YU476vtic2xSNc8DtoQRWIvf5qZ4KAlPfEOX:2utj22c8RVWFZ3ARsOX

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      ab7a3de7135318c2263530b855a14ff2.exe

    • Size

      452KB

    • MD5

      ab7a3de7135318c2263530b855a14ff2

    • SHA1

      0772f238e91d06a36c1fc3705a1cf6e65e14739b

    • SHA256

      9a351bd7f2a3ef4b58c2e54b4bc43bbc2d1dd41db7d2787c2007b58b570cb73a

    • SHA512

      13424cffe12a21b0826bab06cd7c73835c5346929604857285e7e0da7d1a63b1fe5d87e82f203ef9c1e5ab2024bf2e4826e3b741f922089a40c707c0f0d98903

    • SSDEEP

      12288:9YU476vtic2xSNc8DtoQRWIvf5qZ4KAlPfEOX:2utj22c8RVWFZ3ARsOX

    Score
    10/10
    evasionpersistenceupx

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks