General

  • Target

    2024-02-28_21e693dd6cf7be3eef4887a0de5bceac_icedid

  • Size

    3.5MB

  • Sample

    240228-q2b6ysda5v

  • MD5

    21e693dd6cf7be3eef4887a0de5bceac

  • SHA1

    49291d45ae4c16d6077b5849076c277ee84fab8c

  • SHA256

    19abda2a390d0dbcaf019284a5b2a85b9ec6c847ca753b32f478189f49c4f9b5

  • SHA512

    791046b4e0eea738b28212066f48583e53602bfa57a28ba4d257fc4650550f4674b73e398ed0a49ae0d82deb6ffa304a6bd4404f9b17578f73744c21c5d43d55

  • SSDEEP

    49152:JCFzThuMHqCikNXSlW7sWVLRfGyyTozbsem:khhuraNXSE7sqo0Hsj

Score
9/10
upx

Malware Config

Targets

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15