Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8e5567895b53abf71a5009dae20bf557
-
Size
2.3MB
-
Sample
240204-f7gnhscghj
-
MD5
8e5567895b53abf71a5009dae20bf557
-
SHA1
2ea8acc94e7a87cac5b4e659bc0496aeccd7996c
-
SHA256
54d212d4940739b01dd37e760c19ad1a85ffac2872d5d872c7cf859f1ebd4833
-
SHA512
8cdd84bac1122fdb0d76c2c7aa1071eae0860e1e673827ec20ae7345e42b58d8906c894ef38f58100c835cbec766ac928193b466968fd28f61bd5a0309ed7a8c
-
SSDEEP
49152:2W6H27a3ndBxYwHJJcFWScFZ2iNY6h9BEzQ+NTVSjdictQLW0S4:mIa3nVYwpJcsCim6/eNKjdFtQg4
Malware Config
Targets
-
-
Target
8e5567895b53abf71a5009dae20bf557
-
Size
2.3MB
-
MD5
8e5567895b53abf71a5009dae20bf557
-
SHA1
2ea8acc94e7a87cac5b4e659bc0496aeccd7996c
-
SHA256
54d212d4940739b01dd37e760c19ad1a85ffac2872d5d872c7cf859f1ebd4833
-
SHA512
8cdd84bac1122fdb0d76c2c7aa1071eae0860e1e673827ec20ae7345e42b58d8906c894ef38f58100c835cbec766ac928193b466968fd28f61bd5a0309ed7a8c
-
SSDEEP
49152:2W6H27a3ndBxYwHJJcFWScFZ2iNY6h9BEzQ+NTVSjdictQLW0S4:mIa3nVYwpJcsCim6/eNKjdFtQg4
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1