General

  • Target

    Backdoor.Win32.Shark.gfc-bd3026127fe5c6e161fd612c2779efa72aa7a7d1324226a435eae8202bc7413c

  • Size

    305KB

  • Sample

    240229-hqs2bshf2t

  • MD5

    5ff4b7f5334e8c4d1f6eefe5a0af1ff6

  • SHA1

    1c65c72416a31fda76d6d824f8e739f8b24c40ea

  • SHA256

    bd3026127fe5c6e161fd612c2779efa72aa7a7d1324226a435eae8202bc7413c

  • SHA512

    8fa34cdbc48b06131cd0d24bc337dce4498f0134c81fef44a81f16ee473104cf79a880d0499415c740941ff02ccdcd428ea2172f6156d23f6fb020b8dc21dde2

  • SSDEEP

    6144:zdZOSoyCVuqaGqqCG6K3SidwlBUov2GBxgGNkVsuaRaU6mHG:pIx0UEHgA0aRz6mHG

Score
8/10

Targets

    • Modifies Installed Components in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
