General

  • Target

    bf2e0c33a197062222e307f1a095ed83

  • Size

    514KB

  • Sample

    240310-2xqdkadg3y

  • MD5

    bf2e0c33a197062222e307f1a095ed83

  • SHA1

    574bcad4e8b890a14b58928b53267b783d6ac890

  • SHA256

    b219d1944ed41f33d4cf532ffe7428b2f494b9f693a70aa7a9100b5550e794df

  • SHA512

    d73de1a8c23eb66d601aa4f733919c472009425e6100bb176fc9459e08ac3bb4714e16048e30cdfefc0e5ff60d20ec09151e154c2f50e8b3bb47826dc4db585e

  • SSDEEP

    12288:7AQTreSrX6Jbyeb/XlM+hu0hWKLx5gOaw0fZavo8OA9:7TTqSrMbvlM+h9WKLrgOjQy9

Score
7/10
upx

Malware Config

Targets

    • Target

      155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    Score
    1/10
    • Target

      52fywg.exe

    • Size

      1.0MB

    • MD5

      805dc8ea0c4c626109037b4c6b3f73d2

    • SHA1

      cc4224ed24bc309413f6f4f85dd3ba1cde65c701

    • SHA256

      8748e9a133c0aabc61b04bfe735f1f276157874874a8c08400d8ef21144170cb

    • SHA512

      23a9e2698bd168ce59a2226885b4c6173ff1415a5a843c4d560753a03b51778ad100f7f6765f429048eb6c47ebd4e7ce19097cbc16bb886d6a2b00930e8bd92f

    • SSDEEP

      24576:B8xnT9uMDSdHH2tF7VYPhbQMkDlyGh1l46:B8xxubAWPhbKyGh1l7

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
