General

  • Target

    5354cb41e67d08f2f247aca83187356a

  • Size

    68KB

  • Sample

    240111-m2h3qaeeak

  • MD5

    5354cb41e67d08f2f247aca83187356a

  • SHA1

    0947a81fa7bdfb870a97543ef3c5efdf006545e1

  • SHA256

    a80493dc9447905331dbae9e82b43829a3ec91ae5e84f153717caf101fa8252e

  • SHA512

    d2c7630c93096e08f85149b214005b63a722183bbf599708cf4721bb1b541c2464daae841295af51b892b1bbfba63115090c0cdf76efb90e47ad71faff3332b4

  • SSDEEP

    1536:pCdm6lEG1aaxxv9HtSaTGatlPni6Q5ynRdrNH1OpmCAnd:pkZvaax0RIlq/58YgCAnd

Score
7/10

Targets

    • Target

      5354cb41e67d08f2f247aca83187356a

    • Size

      68KB

    • MD5

      5354cb41e67d08f2f247aca83187356a

    • SHA1

      0947a81fa7bdfb870a97543ef3c5efdf006545e1

    • SHA256

      a80493dc9447905331dbae9e82b43829a3ec91ae5e84f153717caf101fa8252e

    • SHA512

      d2c7630c93096e08f85149b214005b63a722183bbf599708cf4721bb1b541c2464daae841295af51b892b1bbfba63115090c0cdf76efb90e47ad71faff3332b4

    • SSDEEP

      1536:pCdm6lEG1aaxxv9HtSaTGatlPni6Q5ynRdrNH1OpmCAnd:pkZvaax0RIlq/58YgCAnd

    Score
    1/10

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      3c19f79ce11facc2fc4d3351dbb263e0

    • SHA1

      17f4bf4b18ea7700f70ac7d825dc997be0d25f71

    • SHA256

      cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9

    • SHA512

      05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273

    • SSDEEP

      192:Aq6dnSzJb/WHM9Vm8/FlW8pMFEi49xpkpIURnPehwbbHF1Quhcb:L6dnYbuH+3FlcmzWnW2bbMuO

    Score
    3/10

    • Target

      vcodec.exe

    • Size

      17KB

    • MD5

      45555252350271fb0d196aa9225f1632

    • SHA1

      e8eea8cf8c23ed0194dde6252e958cf731689f0c

    • SHA256

      c4e29183a4f3841431efa073ad07c073da8eee0ceb7002be12d6e3ae0a5238bc

    • SHA512

      4bdb580d8584b9e836356c11557167650482ff2964d0e5eff4d25240c35920028ee59fd6fca315228859717761fe6156f0d53c6698294e60f6adf138ba37c5c5

    • SSDEEP

      384:+OZgLkjxvVuCuZuCY8eVy0hQiUgLHekO0tXkdqZ8pOOpm9IJBQYb8:+wPjneY810b/CkO0Nk8Z2OOpmKBQYb8

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
