Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Guide.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    watykanczyk.rar

  • Size

    17.3MB

  • Sample

    240504-1kp2lafc42

  • MD5

    4eaf1df7cee7348df4ea60c07f1ee845

  • SHA1

    9eeed588d0bebbc710559e7a0be6b745468d94fe

  • SHA256

    5a23bb5db94cdc2711a2301bb9562390666da84951df1036ca31c22d8f292b33

  • SHA512

    45346bcc5dcbd1b97e76670e69bcfa525427b4864cedf9c76c9fec6df340e0e4938972d6eeef10e691c77b7d650de73ddd1cb4f18b035a20786c7fff3a1b3ee2

  • SSDEEP

    393216:jhyuKswMZXAHhyAsD0SMUoOv0QBI8NFjGjvI5ULuJwoo:5xTZXAHXsnu6BI8TGj/LQo

Score
7/10
persistence

Malware Config

Targets

    • Target

      Guide.exe

    • Size

      25.1MB

    • MD5

      298759d9863879a080bdb0f10b634947

    • SHA1

      e68509da202d00f5396a78ff9ad57333c23ccf82

    • SHA256

      7e2458cfe24cb649c259bfd4993f8d9650ba086f99a225408111a37aa21f71d2

    • SHA512

      1447b44ce49794fa20ea35e5abda531468570395c70cc91ed890fcb5c867627a13fa64fb6cfc3a58606a3fc348fde4f6299a594a62f473206a454adcb58ed05e

    • SSDEEP

      786432:FSgY6GZrzqKmTmb1zOKNQHNgoG49hwpgYZV/:FNgqKmab1kZ/BYZ

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks