General

  • Target

    b500525ec82203429144f30eadc3d602

  • Size

    108KB

  • Sample

    240305-sj1spshf6z

  • MD5

    b500525ec82203429144f30eadc3d602

  • SHA1

    b693d7d15674647a7ac8ab4abd41f2ffe84b75e5

  • SHA256

    e43a687ad1d6dd93157260935d840429b4b650db61bfc8946bf7a0f10a882d4b

  • SHA512

    cc5e6c9d152718e852e1eb3e9f2f6c71a45abd16cde063b2c7455b61eb26c4aae5ae8fbe8362a2fae3636624a1575b2b80fdea11bf71ff391755acfaeeb82e9d

  • SSDEEP

    3072:h9fpaVgrXWJuH7RgwiGkfM1+rS3vK0Ya71r:PpQgrmJG7Rg4/+rS3SPm

Score
10/10

Targets

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
