General

  • Target

    prob rat.zip

  • Size

    1.1MB

  • Sample

    240519-16kzrsdb5v

  • MD5

    0ebcf394ba25c5f96b12bfd4c9a21cfa

  • SHA1

    d004a6ab048b96d128219f825e288089dd0d968f

  • SHA256

    cec7ef2ee8f074c05da82aa20814cfeb5337254e27b58ff0a6917ee18c94db2a

  • SHA512

    cb2161f68aab9289353e9b464765efb413638f6278ecf673ff5cda9819c573846ca82068f7c79ace8ac4ecc6a4c0bf0dfe56a71ba860e0b1840f97f0a537b0aa

  • SSDEEP

    24576:VLROCDvxEY6/eXYM0zostULID5W3SxRRCbZ6GQNiHYZ8Zxp:1ROClULosWW+cRRCbZ6GnHYZUxp

Score
8/10

Targets

    • Target

      injector.exe

    • Size

      6.0MB

    • MD5

      883f82d264966f767d881d0247d35782

    • SHA1

      a255b679824c4514d296cddeebb4bf5ab66aa3b6

    • SHA256

      8f3abe6f403520bd76e9969da8f57c48eca0840c9c631ed12aeaa390f089a07e

    • SHA512

      31d5aa29355c1a1d8b67546bfc32b3f9bbd81d7082b43e74e52f1fc7fcfd35a90e199ef9aded7752c8f88965ecb7f0a7eb8bb5771be0c1600915b3e3622c4936

    • SSDEEP

      24576:QU9QqMVCssGgPUh1VNn9UQ7+YymQAXDdVOaCoua71+J0fgbGSh4s3sXYX7bCiFpa:qxKBTJOr7QcoCDHdIFcDgTq4GdT

    Score
    8/10
    • Blocklisted process makes network request

    • Sets service image path in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      internal.dll

    • Size

      130KB

    • MD5

      c39b1e688ff41b0ac5d3d35a98cf1f09

    • SHA1

      b68dd81764e8e33ea64ea535fcdf4da921475b7e

    • SHA256

      4c043478a2de55523492518b495252ba4e85a47901d9069fad4334bab0ed6d4c

    • SHA512

      6faffa172d19af6c079063b21ffe1778f0786e6b09e85bfebc4cf841b4ac1f51d880ff454389d5402f6bfaccdab7857be899dd888bd6730f8eb69a4aaf728845

    • SSDEEP

      1536:xh5wHMoCV0x0+4hNp87vV4DhCTF18RYsoGxuPwWhC5ZEsU5dGzwO/k5uTG6/nUj:rmMojx0tp8x4DhCTC4sUuzD/S6fUj

    Score
    1/10
