Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

1a0bbfe34f...3b.exe

windows7-x64

10

1a0bbfe34f...3b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a0bbfe34ffe7814b010aac7f3a9557ec81a2757b78adad3686de429b1bddd3b

  • Size

    120KB

  • Sample

    240327-wjj2qshe53

  • MD5

    d4b7fc48ed42f8e66b2b0d289c825167

  • SHA1

    04fcdcd79b39458e23dfa89eedb32f525d345323

  • SHA256

    1a0bbfe34ffe7814b010aac7f3a9557ec81a2757b78adad3686de429b1bddd3b

  • SHA512

    99a123d7dbcea5c59f5ae92f330a4f6a20a7140b4d8aa4e7ef5cc2358a934172ba231495e38fefcd53511cd0a3787adfb5d92e35a335cf5f7c7bb691b03d68dd

  • SSDEEP

    3072:56v7777777777777777H77777777777777777777777777777tUaIqcNBcDL:eUaILNBcX

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      1a0bbfe34ffe7814b010aac7f3a9557ec81a2757b78adad3686de429b1bddd3b

    • Size

      120KB

    • MD5

      d4b7fc48ed42f8e66b2b0d289c825167

    • SHA1

      04fcdcd79b39458e23dfa89eedb32f525d345323

    • SHA256

      1a0bbfe34ffe7814b010aac7f3a9557ec81a2757b78adad3686de429b1bddd3b

    • SHA512

      99a123d7dbcea5c59f5ae92f330a4f6a20a7140b4d8aa4e7ef5cc2358a934172ba231495e38fefcd53511cd0a3787adfb5d92e35a335cf5f7c7bb691b03d68dd

    • SSDEEP

      3072:56v7777777777777777H77777777777777777777777777777tUaIqcNBcDL:eUaILNBcX

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks