General
Target: c6dbe6f1e1e42ab6dbb526896e11c87e
Size: 217KB
Sample: 240313-zya9xsgh4t
MD5: c6dbe6f1e1e42ab6dbb526896e11c87e
SHA1: 310d657f36d8f084888b9e9a599c3441df01a1e9
SHA256: 3367c0963adf7f0ac8db6d13fb6335710986c7d600518078ca8112c8b100480a
SHA512: ff404536401e3dc49795c32154ba8dcf3590ef0c1251e9999d7689287210ace9da4fce4f69ea7b7b5d4d814fba4ab6f6a7e78999b3cab4bf9169c9d985371b31
SSDEEP: 3072:esnuciTDfIT9A+sYrxzavZrWCb1ulwQBnRgztcFFXYVfrvfd59P3kLJ/pI1tTXDV:uXVYr0hrWxwQBRgS1YVrj9cLJpI
Static task: static1
Behavioral task: behavioral1
Sample: c6dbe6f1e1e42ab6dbb526896e11c87e.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: c6dbe6f1e1e42ab6dbb526896e11c87e.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: c6dbe6f1e1e42ab6dbb526896e11c87e
Score: 10/10
Modifies firewall policy service
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)