Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

9d70d73527...7a.exe

windows7-x64

10

9d70d73527...7a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9d70d735277becc8ea809fd811195ab27c5fbae131713f02a03a3b42926cd67a

  • Size

    188KB

  • Sample

    240326-2z1x3see48

  • MD5

    8f815c34a19a388c510029ef10124f80

  • SHA1

    bedf77970ccc1337eae90ea960d3d3bb0e620348

  • SHA256

    9d70d735277becc8ea809fd811195ab27c5fbae131713f02a03a3b42926cd67a

  • SHA512

    42c52407e3c2dd9b3aba6d662ed8900fe92ca1dac8ddf7cfa62c150f2cee177468fb1e1f021c37a5fb5adae3e54df3b082f63a97bdef6d46649870b0c44c5eae

  • SSDEEP

    3072:K7fyA+M5ROnFG5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1Wf8W6:K76A+YCKs0tzXRdjbk9bbyvprww0W

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      9d70d735277becc8ea809fd811195ab27c5fbae131713f02a03a3b42926cd67a

    • Size

      188KB

    • MD5

      8f815c34a19a388c510029ef10124f80

    • SHA1

      bedf77970ccc1337eae90ea960d3d3bb0e620348

    • SHA256

      9d70d735277becc8ea809fd811195ab27c5fbae131713f02a03a3b42926cd67a

    • SHA512

      42c52407e3c2dd9b3aba6d662ed8900fe92ca1dac8ddf7cfa62c150f2cee177468fb1e1f021c37a5fb5adae3e54df3b082f63a97bdef6d46649870b0c44c5eae

    • SSDEEP

      3072:K7fyA+M5ROnFG5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1Wf8W6:K76A+YCKs0tzXRdjbk9bbyvprww0W

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks