Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

7b49a79994...2e.exe

windows7-x64

8

7b49a79994...2e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b49a7999428556c109be5771dce3b2e

  • Size

    455KB

  • Sample

    240127-z1185adhfn

  • MD5

    7b49a7999428556c109be5771dce3b2e

  • SHA1

    2b539957e2c9720bfc1f4018448803f0399cb421

  • SHA256

    7d01c814e4dc147036470e958c30ec7daa1a2140961e6865d0d6b2db40c66d46

  • SHA512

    ab3e7fc465603c98b20a6e8bab8bb9af3c702b2992d24e437ee80b9e6b68fd7775e507df24bf39963368ad55d2f1ff1250b271d93784450ca68e3f238a0b60d6

  • SSDEEP

    12288:tPUdz/leuYergLm9AhJ4rhFkpMMnMMMMME0bJvQI6xMdI0+6DtByCVwHM1a:tsN/leuZz8W7kpMMnMMMMME029s+6RwH

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      7b49a7999428556c109be5771dce3b2e

    • Size

      455KB

    • MD5

      7b49a7999428556c109be5771dce3b2e

    • SHA1

      2b539957e2c9720bfc1f4018448803f0399cb421

    • SHA256

      7d01c814e4dc147036470e958c30ec7daa1a2140961e6865d0d6b2db40c66d46

    • SHA512

      ab3e7fc465603c98b20a6e8bab8bb9af3c702b2992d24e437ee80b9e6b68fd7775e507df24bf39963368ad55d2f1ff1250b271d93784450ca68e3f238a0b60d6

    • SSDEEP

      12288:tPUdz/leuYergLm9AhJ4rhFkpMMnMMMMME0bJvQI6xMdI0+6DtByCVwHM1a:tsN/leuZz8W7kpMMnMMMMME029s+6RwH

    Score
    8/10
    evasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks