General

  • Target

    1be8c45867931b837a5630833a9e2a01846538118f9c8e345c1a23a5f2510343.rar

  • Size

    933B

  • Sample

    240229-fqy68seb8x

  • MD5

    b569d961b15d7bb0ccc640033f529ccc

  • SHA1

    f37cd9c5ef39d786823359876ef93431b8c28f52

  • SHA256

    1be8c45867931b837a5630833a9e2a01846538118f9c8e345c1a23a5f2510343

  • SHA512

    676d68287387c3af676d4c60e502bf9c2293e043a4b2134afd2cfccc191016646649dd4968ba46f45d170928077bf87a9c7adaec025cf95d7488aa8d98e085e8

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://thanhancompany.com/grip/FYI

Targets

    • Target

      WhatsApp Görsel 2024-02-28 saat 14.52.35_809ff0ec.jpg.lnk

    • Size

      1KB

    • MD5

      0365118a92333b6faa474aded6b3a6f2

    • SHA1

      0bcac8b38e4e338508606c897eb7e36ad9d8a68e

    • SHA256

      98e44c818340bc1657402ed6b463ae52247f6d52d45d4a5aa0e6fad5b4935b1e

    • SHA512

      08007340cd5d133aae544597937a9cb1de83f29ff068c1aec023f3182dac1b92f7b150d2e0ecb9392f756c8271a759198840718cba82387432093e691dac3eaf

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
