General

  • Target

    8f5e361595c824590364e1905f9a4e41

  • Size

    35KB

  • Sample

    240204-rmxpsabfb4

  • MD5

    8f5e361595c824590364e1905f9a4e41

  • SHA1

    07532614ffd292c639894dd0dff015df32edaab1

  • SHA256

    f5897a5c5b5cf936cc709a31f469067263f5eeed12c59a07ea2ddbfc9be890f8

  • SHA512

    4f019e7b85a3b69554df0c7578485f1424da3b582997173762d35539556de63450b3b74bf64c681c189f749f174122d35d640ff26bd512f92804c98da94718ed

  • SSDEEP

    768:KSFa2tn9m9VTXiOjO4ZcfnnknZNuqBkr2SbH5:KSw2XmrTXljORMZTW2y

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Drops file in System32 directory
