General

  • Target

    sample

  • Size

    19KB

  • Sample

    240513-yn9jasbf5w

  • MD5

    20f94e0fec19560a3addbd00d6e74d47

  • SHA1

    0e6216c71cfbdefb6f3c9980583cabcfc7df0619

  • SHA256

    b6c1a86d45d6f3c4ad75146d64e8d650de0449f2cb3ab280d62ecce86f07aff3

  • SHA512

    3e6f52b3c379335c41c15ae92ecbf809edf75640976457e075412db6d1b9802256fc6b1032bf7ef5862ca9cb798712f5d833c3b2abccc7c625b6fc2875c48ccd

  • SSDEEP

    384:rY8DpmReVoOs4Xi9ylKeGMpU8HhhbVck7aJo2paWhOwob0Vnp2IJCgMmVn:rTBVoOs4XmyI1M9Bhb2yaIWhOwob0Vpt

Score
8/10

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
