Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c6dbe6f1e1e42ab6dbb526896e11c87e

  • Size

    217KB

  • Sample

    240313-zya9xsgh4t

  • MD5

    c6dbe6f1e1e42ab6dbb526896e11c87e

  • SHA1

    310d657f36d8f084888b9e9a599c3441df01a1e9

  • SHA256

    3367c0963adf7f0ac8db6d13fb6335710986c7d600518078ca8112c8b100480a

  • SHA512

    ff404536401e3dc49795c32154ba8dcf3590ef0c1251e9999d7689287210ace9da4fce4f69ea7b7b5d4d814fba4ab6f6a7e78999b3cab4bf9169c9d985371b31

  • SSDEEP

    3072:esnuciTDfIT9A+sYrxzavZrWCb1ulwQBnRgztcFFXYVfrvfd59P3kLJ/pI1tTXDV:uXVYr0hrWxwQBRgS1YVrj9cLJpI

Score
10/10

Malware Config

Targets

    • Target

      c6dbe6f1e1e42ab6dbb526896e11c87e

    • Size

      217KB

    • MD5

      c6dbe6f1e1e42ab6dbb526896e11c87e

    • SHA1

      310d657f36d8f084888b9e9a599c3441df01a1e9

    • SHA256

      3367c0963adf7f0ac8db6d13fb6335710986c7d600518078ca8112c8b100480a

    • SHA512

      ff404536401e3dc49795c32154ba8dcf3590ef0c1251e9999d7689287210ace9da4fce4f69ea7b7b5d4d814fba4ab6f6a7e78999b3cab4bf9169c9d985371b31

    • SSDEEP

      3072:esnuciTDfIT9A+sYrxzavZrWCb1ulwQBnRgztcFFXYVfrvfd59P3kLJ/pI1tTXDV:uXVYr0hrWxwQBRgS1YVrj9cLJpI

    Score
    10/10
    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks