General

  • Target

    74331fc1a01348185f62475ee5471472

  • Size

    1.4MB

  • Sample

    240125-kaha1abhc6

  • MD5

    74331fc1a01348185f62475ee5471472

  • SHA1

    9c03c6dfc9786dfb960e5d4b1bd6db4fe5a036b2

  • SHA256

    d2c38cecf49e55b35607cb0407a427fc6c0003909038466c8242120703fc7202

  • SHA512

    114069ecf6ba1ff2b101cc6c86de3a5a95ae9b0e7517fdabda057507fcf4ccf76e87516ba019666504f57abbfb011dad3bfa87382d88f74bb913eb81af63fa32

  • SSDEEP

    24576:BzMhy7MCOI7QAJcJpItV8xjPhrmR4Y4ptRNEg2JUYnbuR656+3xCu8kjfaY:BBMCOIBWOtmxjPkyYElOUK6R6pou1fB

Targets

    • UAC bypass

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks whether UAC is enabled
