General

  • Target

    991a981068b0d7e68c714468ca240342bb5d64306a6340c5420537fa5604e740

  • Size

    144KB

  • Sample

    240312-248hqade9s

  • MD5

    6297d37be19fa2d9875c1a6e3180cfdb

  • SHA1

    e8cc9b46495e24009b35e53b318f6bab473eb3c1

  • SHA256

    991a981068b0d7e68c714468ca240342bb5d64306a6340c5420537fa5604e740

  • SHA512

    1869f60db34181f63047e4c41d38806d3eca0fe84e6231881159576dd5d29f38a7b0b5dbf7b8a17e795fcc57207099af5392439ae544634673d702b8568a04dc

  • SSDEEP

    3072:l5SVkkgUgXC7AdYzrV+Dljy/32ubwZ/qJ:SUFCkdYzrVolu/J0Z/

Score
9/10

Malware Config

Targets

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks