Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

92dd0213c6...40.exe

windows7-x64

1

92dd0213c6...40.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

  • Size

    216KB

  • Sample

    240418-akx44abe93

  • MD5

    2301a9913e02067864f513ac01e2794e

  • SHA1

    cfc9e56f525cf3f82edfdadfe4fe210a76b76ef6

  • SHA256

    92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

  • SHA512

    6316cd658aa6194cc860e21f8ccd36d269bc97e40e1222a5445235e683b3f34a53decdb949f197dd0386718ef04e06063a22228dc86228bd86450f5a587c0a91

  • SSDEEP

    3072:f56VkkgUgXC7AdYzrV+Dljy/32ubwZ/qJH:oUFCkdYzrVolu/J0Z/O

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

    • Size

      216KB

    • MD5

      2301a9913e02067864f513ac01e2794e

    • SHA1

      cfc9e56f525cf3f82edfdadfe4fe210a76b76ef6

    • SHA256

      92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

    • SHA512

      6316cd658aa6194cc860e21f8ccd36d269bc97e40e1222a5445235e683b3f34a53decdb949f197dd0386718ef04e06063a22228dc86228bd86450f5a587c0a91

    • SSDEEP

      3072:f56VkkgUgXC7AdYzrV+Dljy/32ubwZ/qJH:oUFCkdYzrVolu/J0Z/O

    Score
    9/10
    persistenceupx

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks