General

  • Target

    PI for #13288.scr

  • Size

    744KB

  • Sample

    240312-dl4j2sge75

  • MD5

    ab74b52d1ea5ef201a973d429a1ea391

  • SHA1

    f49e82b818294e34759e96f673f0ccbdb7664f8b

  • SHA256

    dff16015060738ff6ca68093a23d4cd57e91af191a2398ac1afa00dcb4e4903f

  • SHA512

    16aa2fc0e81fae9b1d3c78e5e2819111278707a6fea5cadd80ca79c2392c54269562892d939a809ece5c18fe1e7e5cb904353988ef4933260dc488616c263604

  • SSDEEP

    12288:WHsJTENl3lVIEF/PWt/VEfR5IdJ84LjS57V+RWL6kg6HjagyxbDyQBU3tgp:jxENlHF/s9EXIdJ84izUkg6HjagyNUt

Score
7/10

Malware Config

Targets

    • Target

      PI for #13288.scr

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks