Resubmissions

17/04/2024, 08:54

240417-kt955aad45 7

17/04/2024, 08:54

240417-kt9jlaad44 7

17/04/2024, 08:54

240417-kt8masad42 7

17/04/2024, 08:54

240417-kt8bjabh6x 7

17/04/2024, 08:54

240417-kt7p1abh6w 7

17/04/2024, 06:26

240417-g7dsashd8w 7

General

  • Target

    ac075628b6cdb15172f6a76f0d3331316934e09cf0f0bd3a94c0e5e23b02a352

  • Size

    14.1MB

  • Sample

    240417-g7dsashd8w

  • MD5

    ca8759c6ed97044b07af776617d63e60

  • SHA1

    8d9c7a6ae0d7b04965881640f890fb824e17aa15

  • SHA256

    ac075628b6cdb15172f6a76f0d3331316934e09cf0f0bd3a94c0e5e23b02a352

  • SHA512

    8c90dbb2d346c52d6c0a2a34df3fa4258c573df654a57e9a2d1304b55e770a18f9ff8d7c5006e9ec3e3890e27723516ada82d10429666d3985dabe6ce2166c36

  • SSDEEP

    196608:zCKlOXcCT0AdpHeFsfghvbxyUPbHjTV2JOogd3dB3q91okxWeOZSzsvwQv/bUYLH:WSuQsoNxDV6oNr3qoL3Zy6wQvjUeWw

Score
7/10

Targets

    • Target

      ac075628b6cdb15172f6a76f0d3331316934e09cf0f0bd3a94c0e5e23b02a352

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
