General

  • Target

    8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f

  • Size

    2.5MB

  • Sample

    240308-sb4vdsaf5v

  • MD5

    145fb0a72ca3799c22a451683b0b6d38

  • SHA1

    9ee456116c6da2d416b078ecc70008f1682be605

  • SHA256

    8588c0c872a004d16455c5f28a4e9c0e8875b10b295f42b93a69a211f5fb9f6f

  • SHA512

    566ff9bc201d8fb0552fb9a473a780339b04e7c4d7083f3d18a3fbd705493c4af7a06da7e89e3c4a50e9acb6dd8c5c595511c924a2b1b91b77c3e907be80d68a

  • SSDEEP

    49152:vB+dPmenydp6g4OiZrq1DfP+rsNADtV6v+L8uSwiPSCmDS+5uSlVQ:Cuiyd54OiZrq1DfPHNADtV6v+

Score
7/10
upx

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
