Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d94878b319...32.exe

windows7-x64

10

d94878b319...32.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d94878b3191902f93f42cb084e6f588e09293f67f380e896ad5b0bab91807c32

  • Size

    156KB

  • Sample

    240409-3me1hsad53

  • MD5

    8313610121a1a01d985f5b1f48caf78e

  • SHA1

    42c0ce70698c18c08ee985a3464e505201ebb9f9

  • SHA256

    d94878b3191902f93f42cb084e6f588e09293f67f380e896ad5b0bab91807c32

  • SHA512

    992fc799b34eeaab73cc4e63c912612a9f1bdad4fd9ce8e037285ea8676e03ef49f2cda371c060f12ea79fe8db617c4cdae205a32933e78d92959467a17ca7ad

  • SSDEEP

    3072:ZsTOWVcx8jeFvB0Z/I8xSFJKxr2CrILXNoiv:WQIcvqVuJyr2CMLX+S

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      d94878b3191902f93f42cb084e6f588e09293f67f380e896ad5b0bab91807c32

    • Size

      156KB

    • MD5

      8313610121a1a01d985f5b1f48caf78e

    • SHA1

      42c0ce70698c18c08ee985a3464e505201ebb9f9

    • SHA256

      d94878b3191902f93f42cb084e6f588e09293f67f380e896ad5b0bab91807c32

    • SHA512

      992fc799b34eeaab73cc4e63c912612a9f1bdad4fd9ce8e037285ea8676e03ef49f2cda371c060f12ea79fe8db617c4cdae205a32933e78d92959467a17ca7ad

    • SSDEEP

      3072:ZsTOWVcx8jeFvB0Z/I8xSFJKxr2CrILXNoiv:WQIcvqVuJyr2CMLX+S

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks