Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8def85b416...7d.exe

windows7-x64

8

8def85b416...7d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8def85b4166e7d7f5ae48baf2de5577d

  • Size

    57KB

  • Sample

    240204-cetktsehc2

  • MD5

    8def85b4166e7d7f5ae48baf2de5577d

  • SHA1

    8476859d6236e13902d4112590d1709126b4e430

  • SHA256

    f16775fe1de089b3bfbf6165289a8c52599906e6bf871dbf917dc980185d1ba6

  • SHA512

    1342b3f7669d6d466524753b7870c6f86cd64c9087768d5c47f6e427ff37dddf901e8b9a641614ecda7c00254d219c0ef09219bda75de26fd936c7c8af801cad

  • SSDEEP

    1536:ECM6Ys4njatv0ubeMFrQYRKz4ka5QGdKxo:ECsDWzeurQSKz4kauGdKo

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      8def85b4166e7d7f5ae48baf2de5577d

    • Size

      57KB

    • MD5

      8def85b4166e7d7f5ae48baf2de5577d

    • SHA1

      8476859d6236e13902d4112590d1709126b4e430

    • SHA256

      f16775fe1de089b3bfbf6165289a8c52599906e6bf871dbf917dc980185d1ba6

    • SHA512

      1342b3f7669d6d466524753b7870c6f86cd64c9087768d5c47f6e427ff37dddf901e8b9a641614ecda7c00254d219c0ef09219bda75de26fd936c7c8af801cad

    • SSDEEP

      1536:ECM6Ys4njatv0ubeMFrQYRKz4ka5QGdKxo:ECsDWzeurQSKz4kauGdKo

    Score
    8/10
    evasionpersistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks