General

  • Target

    SecuriteInfo.com.FileRepMalware.14542.16900.exe

  • Size

    363KB

  • Sample

    240304-qt4agabd5y

  • MD5

    9e622ccfb07cd8833d6115a3089dc8fa

  • SHA1

    fb144ed302205b5481ecf280c9c0a2539a3864ca

  • SHA256

    7bb3ecf74443eae19f9310eb38eab31b9935498f81882b59658af864c729f6aa

  • SHA512

    d83b3b7a046cc5829296ad2c901a828b213b34fb4cb21edc8268a45cbe93ca0e9852601b693f2668975a03ebc2bd192c82989c117e5f6b1a6934028ae8688485

  • SSDEEP

    6144:clC2F8NXC796TB9vj48rUwVAXiCi05yV27wZWJwflv5YnaaGQ6:cveVQkTrvj4eXAXGZWJwfVQaap6

Score
8/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.FileRepMalware.14542.16900.exe

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
