General

  • Target

    c06b0525324e9faf1c9c093703fd6112d20fcefd4e279d94b1003cdc6f934370

  • Size

    12KB

  • Sample

    240522-x1xvladd5y

  • MD5

    05f2148bdf463a7e290c097978f5279f

  • SHA1

    a60e388590749e2843deb3f1e4762950eef5d201

  • SHA256

    c06b0525324e9faf1c9c093703fd6112d20fcefd4e279d94b1003cdc6f934370

  • SHA512

    7153146e1946dbd29ffa5999c09acd7dee2e89fc6daad16546d69fe5141f2f52bd08185e89ded5a75f274c3f72a324a58d1264f34430584d89adbcb0ed966c2d

  • SSDEEP

    192:TL29RBzDzeobchBj8JONqONCHrukrEPEjr7AhB:P29jnbcvYJOjyukvr7CB

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      c06b0525324e9faf1c9c093703fd6112d20fcefd4e279d94b1003cdc6f934370

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks