General

  • Target

    VirusShare-00f4688d22a38d97636ccacd12a6d809

  • Size

    47KB

  • Sample

    240202-fqdkjagfgp

  • MD5

    00f4688d22a38d97636ccacd12a6d809

  • SHA1

    7258d29991e94da7f53793aee6329c7853a0ce65

  • SHA256

    2f478d678b9bfffd8217ad54345c27df346fa6bf28177ae0e0c7a37417284f4a

  • SHA512

    ce87e9eda378d4197d0ac4408f68c7f8c3c03d7ab171bd00536bcbff968e9d71db2083ea97a870aaadb16b42ca63b67099ef08ff1e911e555b5ecb4943eb24c2

  • SSDEEP

    768:Zk2vAJST7mMDtX+Mj58NPcBo3nK1rbLUAECAPlcnZlQ7:C+Oga0XZji6Bo3nsrfU4APlqE

Score
7/10

Targets

    • Target

      VirusShare-00f4688d22a38d97636ccacd12a6d809

    Score
    7/10
    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory
