General

  • Target

    92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

  • Size

    216KB

  • Sample

    240418-akx44abe93

  • MD5

    2301a9913e02067864f513ac01e2794e

  • SHA1

    cfc9e56f525cf3f82edfdadfe4fe210a76b76ef6

  • SHA256

    92dd0213c6860034985afc09aadec1a3f008ef7b040e5d690d6a9b19c871be40

  • SHA512

    6316cd658aa6194cc860e21f8ccd36d269bc97e40e1222a5445235e683b3f34a53decdb949f197dd0386718ef04e06063a22228dc86228bd86450f5a587c0a91

  • SSDEEP

    3072:f56VkkgUgXC7AdYzrV+Dljy/32ubwZ/qJH:oUFCkdYzrVolu/J0Z/O

Score
9/10

Malware Config

Targets

    Score
    9/10
    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks