General

  • Target

    SecuriteInfo.com.W32.Agent_AGen.ABZ.tr.30631.16009.exe

  • Size

    435KB

  • Sample

    240311-g2lkyseb4x

  • MD5

    2ff5504c8b803e79dade34401c89701d

  • SHA1

    87d626130cfcb4f3984a4b7ab74f956fe4f13b60

  • SHA256

    ee6411869e495253cbbfc96932f262dbe199277a319aad8654c30f54534da109

  • SHA512

    c2c11c0075efb5b2a72cb10ad17221482790b0081fdefb1512df8cddfe7f50aa13a22d9e654c4461109ff8c5063cb3f49e5f890afce2c2f0e46d5117895d74d2

  • SSDEEP

    12288:TDr0C0xkXVXvNxeNOo2nLNsllllJsllllhi:TDr0C0xkXVXiNMnL4

Score
8/10

Targets

    • Target

      SecuriteInfo.com.W32.Agent_AGen.ABZ.tr.30631.16009.exe

    Score
    8/10

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
