General

  • Target

    Multi_Menu_Injector_V2.exe

  • Size

    337KB

  • Sample

    240410-wwbwwsag8z

  • MD5

    940ca5f0664cb25bd69e771fc2fc3935

  • SHA1

    de610bb532a61898aff07e51eae6e81e47b88b70

  • SHA256

    5843a30474524689d1972bde16bca17160632b0f20200b61ea2f78ace5d4d905

  • SHA512

    afff043c973a859014d883bdac2fa56115a98cf8f4e7a5c9ffd9f966d379b6afb4a435df1675e0ed2303dca97e2569509e13f5e342723cc100b3e7ca948177e4

  • SSDEEP

    6144:Toob0G8fgKSqBKpGNrvo6ilVfpf5h4KdUgr9RjczIyAD8fU6bkD+NrgJf9:hILYKbBKpG5QlVl5h1dDr96ADTD+RgJF

Score
7/10

Malware Config

Targets

    • Target

      Multi_Menu_Injector_V2.exe

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
