General

  • Target

    64a45bfbf3c98c2d0cf68db310d43fe3

  • Size

    430KB

  • Sample

    240118-gmylzaeec4

  • MD5

    64a45bfbf3c98c2d0cf68db310d43fe3

  • SHA1

    184f39f1596a4ad0a2367e12c347597c105fb1a1

  • SHA256

    6335f77d66c1a6790accc1330930d13f048a81fb6fa319be4921c98cd4843385

  • SHA512

    a586ae1075f54e73d72af80dc4ce5f7bba0bfc41ac9b8e516f06a52c0b3b864ca0101cd873614a9d690ed6468c958f3ef90cac28848cc38649b5a7efb2cfb980

  • SSDEEP

    6144:2bNjfc5iaO4ZQAQ7F/jAErjLf9GZv79RsK2crmv4sFKy9ulo11UVmsQsiR/f5s0X:UfcvxZijA43f98gQDy9hKxQsC/G8

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
