Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c4b7b163bf...02.exe

windows7-x64

10

c4b7b163bf...02.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c4b7b163bfff459d2bbcb458bdb24e15ae99b885a97ed2949c03cd54fcef7402

  • Size

    100KB

  • Sample

    240420-c2z15afb3y

  • MD5

    30b341b4778dfae34883cdb31117ec8d

  • SHA1

    a3fa959d14832feb7fdef623d27b50173994b0f7

  • SHA256

    c4b7b163bfff459d2bbcb458bdb24e15ae99b885a97ed2949c03cd54fcef7402

  • SHA512

    28e9126873062bdffa56c43983f86d11d4654c45cb52e82d71ba552ee22680bc5b23af4772929a476d1218eef3fe1ccb6f60ae81193f7551b43b890089a6d9e9

  • SSDEEP

    1536:jtHi0gN8p4BNRXAEwqScgDz0Bg2PDXJRde/SwvFMYVwC+QaMaS+XjLlm:dH4zDfDXJVI+fS+3s

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      c4b7b163bfff459d2bbcb458bdb24e15ae99b885a97ed2949c03cd54fcef7402

    • Size

      100KB

    • MD5

      30b341b4778dfae34883cdb31117ec8d

    • SHA1

      a3fa959d14832feb7fdef623d27b50173994b0f7

    • SHA256

      c4b7b163bfff459d2bbcb458bdb24e15ae99b885a97ed2949c03cd54fcef7402

    • SHA512

      28e9126873062bdffa56c43983f86d11d4654c45cb52e82d71ba552ee22680bc5b23af4772929a476d1218eef3fe1ccb6f60ae81193f7551b43b890089a6d9e9

    • SSDEEP

      1536:jtHi0gN8p4BNRXAEwqScgDz0Bg2PDXJRde/SwvFMYVwC+QaMaS+XjLlm:dH4zDfDXJVI+fS+3s

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks