General

  • Target

    79819a0602ff2a66857915e284d87a32

  • Size

    208KB

  • Sample

    240127-g7dsasehg8

  • MD5

    79819a0602ff2a66857915e284d87a32

  • SHA1

    c60d79059fdb95b0ea1c37a5805b1b170d5888ba

  • SHA256

    487f36ad4da4416cecb13c07b1298f1e23e71e0409575e4a56ac0092a816667d

  • SHA512

    0214985fef4278069ca68d1b087b68fe319ce9da57d9c748bfd96ecf4c29283f462035a1d2ad700b46880b01bb8b7fdbcf3ff48198b620800144a0533c0ab761

  • SSDEEP

    3072:nDMM1KVLDp979aAqvxpDWDhQx9AhHp8NeqxEN1yy8p+uxs/Y:n5KVboA8pDqQx9AhJSRxiJ8jK/Y

Score
10/10

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
