General

  • Target

    e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089

  • Size

    12KB

  • Sample

    240522-vajh6she54

  • MD5

    16e673ea543292122cfe9db64dca1f9c

  • SHA1

    11745eedf398b7f4f33f7e26cd92ecfa17ae89fe

  • SHA256

    e097bb2d81f298f00366c9f679fb1fe68276dad5417ce09f7802f248bbc54089

  • SHA512

    a9d9f28364ba5832eaaae9979cde9f6bf1730ed296187dfd5a46975d624ec628b51d1dc190930b269fbb568cc1db42c2c10a21f8bd72b1c0966e67e501a5ce97

  • SSDEEP

    192:RL29RBzDzeobchBj8JONlONsVruFrEPEjr7AhuN:h29jnbcvYJOmWuFvr7Cq

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
