General

  • Target

    565dce884c9975a9b297c1cc7a858cca

  • Size

    183KB

  • Sample

    240112-nvyp9sfbhk

  • MD5

    565dce884c9975a9b297c1cc7a858cca

  • SHA1

    7539ada7c6f844c8dec0beaf7748130e0f274f10

  • SHA256

    34236e767db90d8f0754cf71e77ca17cc65a1cc5890402a532758718da03afb6

  • SHA512

    51ca735bbac617d195442fa2fd8922f1665d68012b12a7f8c44f305da57ceba2b6a885720991847e0a3aa6954ce76fc35cc98681c17d24e67a7a0cb2a43842b8

  • SSDEEP

    3072:9MSncRzAOcNb3mML5dxNqOooCoDErB0nyde/xTBLfhv:eSncRlcNbl5dLDEBAyUp

Score
7/10

Targets

    • Target

      565dce884c9975a9b297c1cc7a858cca

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
