General

  • Target

    UpdPack_B24.318.1.exe

  • Size

    93.1MB

  • Sample

    240512-tlwr7sdf6v

  • MD5

    8dbb210bdc869d31753042128c7a791b

  • SHA1

    359eabfab857db901f3e769ad39b16cc9b769548

  • SHA256

    9207e638ad13824318ce5a2e53db3aa51b2a9bfda7c90203b4819818dd32bb8e

  • SHA512

    6703ba0f6ef9b4b57cef96b637b7d31d96a1cb786f0039af57f8a104a46330afb9008168b30f1721c2ab589e64a636caf04d7c33c68c6b897dca4061de30222c

  • SSDEEP

    1572864:IIQBB7ziHIHeDhXJGo+XTsyxBKQh3/nk9ld78r997od6OFD:I1BoHIHa8TBxBKQhfkvx8Z986OFD

Targets

    • Target

      UpdPack_B24.318.1.exe

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
