Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

34bd483459...f2.lnk

windows7-x64

10

34bd483459...f2.lnk

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34bd4834595e140c49529abdb5971f000b6750cf3315e63fe9ca95cd2347f9f2.lnk

  • Size

    1.7MB

  • Sample

    240312-tt7vfadd7x

  • MD5

    21e6ec6dd1e6d3b7abfda04e9189d72d

  • SHA1

    11db057a906824897c8fabcc42f0ba7f88e04f81

  • SHA256

    34bd4834595e140c49529abdb5971f000b6750cf3315e63fe9ca95cd2347f9f2

  • SHA512

    a741dc0b33a8ab2860f4279563b2baf29ab74e9f0d7a033fc39ffe3d0969d5e3cc8ec77b1e9ff4051a0ec83f267ff6ab2980bbafb90f3d7e4f5663ae4aac4190

  • SSDEEP

    24576:b74C5wFv9TW5mFiS3h+nP8etAercYKyLgLgybuEDcqbzZBqnATq9HlMhwLo:QC6LBFiS301AYwsySED9bzyFghwM

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://dl.dropboxusercontent.com/scl/fi/rcrb1ffz4k4pdxpuqluz7/september.txt?rlkey=ja42pzxka70vflanu9xkgmoj8&dl=0

Targets

    • Target

      34bd4834595e140c49529abdb5971f000b6750cf3315e63fe9ca95cd2347f9f2.lnk

    • Size

      1.7MB

    • MD5

      21e6ec6dd1e6d3b7abfda04e9189d72d

    • SHA1

      11db057a906824897c8fabcc42f0ba7f88e04f81

    • SHA256

      34bd4834595e140c49529abdb5971f000b6750cf3315e63fe9ca95cd2347f9f2

    • SHA512

      a741dc0b33a8ab2860f4279563b2baf29ab74e9f0d7a033fc39ffe3d0969d5e3cc8ec77b1e9ff4051a0ec83f267ff6ab2980bbafb90f3d7e4f5663ae4aac4190

    • SSDEEP

      24576:b74C5wFv9TW5mFiS3h+nP8etAercYKyLgLgybuEDcqbzZBqnATq9HlMhwLo:QC6LBFiS301AYwsySED9bzyFghwM

    Score
    10/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks