General

  • Target

    9724b04196328c93c6471346298c8c3f7df8a4f7f1dcfcabd8069aa3239aed97

  • Size

    12KB

  • Sample

    240522-xgngtacf99

  • MD5

    ba57d3d2b83ae6eee6b9ae4ac5a096eb

  • SHA1

    caed869a41956f6c0c435c548bfa56e811be27be

  • SHA256

    9724b04196328c93c6471346298c8c3f7df8a4f7f1dcfcabd8069aa3239aed97

  • SHA512

    7f7b4e76091af53c6a69ff1f448adc94391b16dfcbdbe3472f28e3cdea2cbfe480f748b1ea52a91816aed338be2a5c9efaf5af1e5356f929a9c331d37c860aa6

  • SSDEEP

    192:7L29RBzDzeobchBj8JONVONSY74rusVrEPEjr7AhS:n29jnbcvYJOSx7Aucvr7CS

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      9724b04196328c93c6471346298c8c3f7df8a4f7f1dcfcabd8069aa3239aed97

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks