Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c320618635...83.exe

windows7-x64

10

c320618635...83.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c3206186353e61967ad33fa425339d83

  • Size

    140KB

  • Sample

    240312-mgmkeagf22

  • MD5

    c3206186353e61967ad33fa425339d83

  • SHA1

    209c1137453641c3ea32488331a3890021f486a6

  • SHA256

    24f0682680e847225d2e0b5968ae3839fd7c0929487b2a70dec3702b1138bcf1

  • SHA512

    e0bf05c40fe6afe386e59b57609635ef63c84f987bb5622e01fdab34d3d8fc8ecd298ad46e6021172b9f86a3cbdc4425097ead8a412194d714265083bfb7308b

  • SSDEEP

    3072:Qa6Gh3vu3XuIcN6/xbccM3hEL8fyUha5fJiF2W:QaF/uuIcNmLX8dhaRJiB

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      c3206186353e61967ad33fa425339d83

    • Size

      140KB

    • MD5

      c3206186353e61967ad33fa425339d83

    • SHA1

      209c1137453641c3ea32488331a3890021f486a6

    • SHA256

      24f0682680e847225d2e0b5968ae3839fd7c0929487b2a70dec3702b1138bcf1

    • SHA512

      e0bf05c40fe6afe386e59b57609635ef63c84f987bb5622e01fdab34d3d8fc8ecd298ad46e6021172b9f86a3cbdc4425097ead8a412194d714265083bfb7308b

    • SSDEEP

      3072:Qa6Gh3vu3XuIcN6/xbccM3hEL8fyUha5fJiF2W:QaF/uuIcNmLX8dhaRJiB

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks