Resubmissions

29/05/2024, 05:32

240529-f8gpxach46 8

General

  • Target

    PO-2024-SGL-014.exe

  • Size

    729KB

  • Sample

    240529-f8gpxach46

  • MD5

    d7bfd4fbd63b24a8848b0179ea7ad1e3

  • SHA1

    d82909d8315d72f13e0800cf2c8b8d714a08d87e

  • SHA256

    598e01cb5243265105853c0c275853142f95f34a1f21f339903d26a5878ef6f4

  • SHA512

    dad5e88c8223f8544111bc362e6888a34777691d20b0946361b263837186a0236df63d4e3c4f9802f990e5e85481558426e658684dc8dd58af83f3cde47a3740

  • SSDEEP

    12288:QnGihafKwYuHKtulnV9QVGRdGn6ZXfmZCdR28WPZ/krFExy/oK0jHbX+56ezb2uF:iuHQulVe6Gn6ZeDPSrWMQK0jHLRGjs45

Score
8/10

Targets

    • Target

      PO-2024-SGL-014.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext
