General

  • Target

    hit sync the kryhon‮4pm.exe

  • Size

    75.0MB

  • Sample

    240602-zndx3aff72

  • MD5

    2f26151ebf3a3804c239998fa482621d

  • SHA1

    a10a1161ed337a069cf02dac22a2952dfe46bc81

  • SHA256

    dd14793ef07cb6f73ead351e97aa7789629129501cc1f50a365e402ea937ae9a

  • SHA512

    cce3e9775657f5b2d21738c99ffeed6f89f25baa383aa0e5ec6ce951d33791178c3c87c22988ee9407f347316007cb36ccb7ab9744fb26335bd294c623a206dc

  • SSDEEP

    1572864:W12PFEnLoJ+jO2hMNml/KUTG5JsMA9H4W1QULyBuxVxLjjJdp8joQ:WcPFE763UWsMA9H4W1QUmBu/NjjKoQ

Score
7/10

Targets

    • Target

      hit sync the kryhon‮4pm.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
