Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

9ac4967972...24.exe

windows7-x64

8

9ac4967972...24.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ac49679720474f3fa68f27b9010f224

  • Size

    147KB

  • Sample

    240214-e8lhesad64

  • MD5

    9ac49679720474f3fa68f27b9010f224

  • SHA1

    8e179bd3986a11157270a009e2fc677422b451c0

  • SHA256

    e88ebfe8ac396c0497f4721035a223db4d50132e2f2d2e83ca5893c35d095341

  • SHA512

    81a6a8c990679669fcd363a6f2c368a4c0c92596fd17dd7e4a6c568fa54e9a7f52f1c3627e78513ef93a33a2c57714f56cf125ac90da88072b816ea48296ade7

  • SSDEEP

    3072:GPQt3aMxzd3o9fUPHC56IXsLkce6p23CskJXljt/wOl2RkOIEY:GPhaCEHpMGljt/RYkB

Score
8/10
persistence

Malware Config

Targets

    • Target

      9ac49679720474f3fa68f27b9010f224

    • Size

      147KB

    • MD5

      9ac49679720474f3fa68f27b9010f224

    • SHA1

      8e179bd3986a11157270a009e2fc677422b451c0

    • SHA256

      e88ebfe8ac396c0497f4721035a223db4d50132e2f2d2e83ca5893c35d095341

    • SHA512

      81a6a8c990679669fcd363a6f2c368a4c0c92596fd17dd7e4a6c568fa54e9a7f52f1c3627e78513ef93a33a2c57714f56cf125ac90da88072b816ea48296ade7

    • SSDEEP

      3072:GPQt3aMxzd3o9fUPHC56IXsLkce6p23CskJXljt/wOl2RkOIEY:GPhaCEHpMGljt/RYkB

    Score
    8/10
    persistence

    • Adds policy Run key to start application

      persistence

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks