Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

42262337e2...46.exe

windows7-x64

10

42262337e2...46.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42262337e2e62de9897dfc8326f5fe2c581c9e510963c00bdcce2a966100f746

  • Size

    204KB

  • Sample

    240424-swg65acd69

  • MD5

    a52b159a4e10ac096d13ff67ed338d20

  • SHA1

    6a8ef03182ff428b59123d0cf697079f327aaafa

  • SHA256

    42262337e2e62de9897dfc8326f5fe2c581c9e510963c00bdcce2a966100f746

  • SHA512

    f8c7978b663b0048ed942f023c6c2c32645ac233983cca391b98e1c8b1f728b5aceeb6d92bc5972f1eebe9149561dcc2ff9ef1a7f1c2fa97009f6ae101c816bf

  • SSDEEP

    3072:GmrW8Br0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWVME:h6e4QxL7B9W0c1RCzR/fSmluv

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      42262337e2e62de9897dfc8326f5fe2c581c9e510963c00bdcce2a966100f746

    • Size

      204KB

    • MD5

      a52b159a4e10ac096d13ff67ed338d20

    • SHA1

      6a8ef03182ff428b59123d0cf697079f327aaafa

    • SHA256

      42262337e2e62de9897dfc8326f5fe2c581c9e510963c00bdcce2a966100f746

    • SHA512

      f8c7978b663b0048ed942f023c6c2c32645ac233983cca391b98e1c8b1f728b5aceeb6d92bc5972f1eebe9149561dcc2ff9ef1a7f1c2fa97009f6ae101c816bf

    • SSDEEP

      3072:GmrW8Br0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWVME:h6e4QxL7B9W0c1RCzR/fSmluv

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks