General

  • Target

    4c88b9bbbfec8636ae20c5f208bc424200ed2633dec92043da5a6f13e3b987eb

  • Size

    44KB

  • Sample

    240217-g71xtscf43

  • MD5

    a0e807ccc7f8c899dbf0f18afd3c6d84

  • SHA1

    4e5576a6beda495be048a14149dcbc47259b6c48

  • SHA256

    4c88b9bbbfec8636ae20c5f208bc424200ed2633dec92043da5a6f13e3b987eb

  • SHA512

    f11d5f76176716a033f7a1e5d7cf8b97ece8efd86607983c95fe4738bb4cdfaf7b088f1ae54d924dd1b2258b6ceb23a74d3a54680e0848cdd5ef5279abbc11e9

  • SSDEEP

    768:sDAA6tMdi+IovzRGrwqJgontZ1lQcC26yMFlNBpxZl27EFiRr:sDAidi2vzRGkqJg4Z1lQcPElZY7eil

Malware Config

Targets

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

    • UAC bypass

    • Windows security bypass

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Windows security modification

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks