General

  • Target

    CATALOG LIST‮s᠎x᠎l᠎x᠎..exe

  • Size

    616KB

  • Sample

    240314-h535vafh33

  • MD5

    4390e4862c4906c8a2f35366ba4066d9

  • SHA1

    4688330403611320e6d37dbc54e2327e47b2fe0e

  • SHA256

    8cece70bbfdfe1792ec9e1c3be822369aaee57680ea0bc78bd8dc37d07e43fc0

  • SHA512

    882faa9f80c507b9cb8d2e595893f78dc7a72e1b74c951a3a19d1db6d6682b3b544f74902b946c1a4e6f807cb8c54192366cce5eb360f79ba55da99b940c7d75

  • SSDEEP

    12288:ofiw8MkxswcXKC2zNWfm2YRm5sm2YRm5hkxswcXKC2zNW:gD8MZX9uWfm2Yysm2YyhZX9uW

Score
10/10

Targets

    • Target

      CATALOG LIST‮s᠎x᠎l᠎x᠎..exe

    Score
    10/10
    • UAC bypass

    • Windows security bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Uses the VBS compiler for execution

    • Windows security modification

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
