Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Endermanch...er.exe

windows7-x64

7

Endermanch...er.exe

windows10-2004-x64

7

6AdwCleaner.exe

windows7-x64

6

6AdwCleaner.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FakeAdwCleaner.zip

  • Size

    175KB

  • Sample

    240603-w15d1aee9y

  • MD5

    6d8c9d01ba5c32aedc734087cc3d0b1b

  • SHA1

    f7e58e5edd203abc2364922b11b6641d3ee9add5

  • SHA256

    92e885d1763e4ba1abc92bee9b08ca7a2ae358bda5fe98b31a8e217327982bf7

  • SHA512

    090b972e7d854dee8c1dc45ee3035247eb8ab641c337ff8da6dc3dbb84fa447deee688f760d36fdfb93cca50d4ab27b5ab3347f75c5e4207a06e0ada0607e3f7

  • SSDEEP

    3072:5oVnkybquxcF6U/aVHOBuv7j4/rIUUT4iI5mflT9xuUqywFdiZS3e:5oV5bZxIsV4l/kz4iFh98UqywKw3e

Score
7/10
persistence

Malware Config

Targets

    • Target

      [email protected]

    • Size

      190KB

    • MD5

      248aadd395ffa7ffb1670392a9398454

    • SHA1

      c53c140bbdeb556fca33bc7f9b2e44e9061ea3e5

    • SHA256

      51290129cccca38c6e3b4444d0dfb8d848c8f3fc2e5291fc0d219fd642530adc

    • SHA512

      582b917864903252731c3d0dff536d7b1e44541ee866dc20e0341cbee5450f2f0ff4d82e1eee75f770e4dad9d8b9270ab5664ffedfe21d1ad2bd7fe6bc42cf0e

    • SSDEEP

      3072:15TDpNFVbxDSXJFFGhcBR1WLZ37p73G8Wn7GlDOg+ELqdSxo5XtIZjnvxRJgghaR:157TcfFPB6B3GL7g+me5aZjn5VlI9T/

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

    • Target

      6AdwCleaner.exe

    • Size

      168KB

    • MD5

      87e4959fefec297ebbf42de79b5c88f6

    • SHA1

      eba50d6b266b527025cd624003799bdda9a6bc86

    • SHA256

      4f0033e811fe2497b38f0d45df958829d01933ebe7d331079eefc8e38fbeaa61

    • SHA512

      232fedec0180e85560a226870a244a22f54ca130ed6d6dc95dc02a1ff85f17da396925c9ff27d522067a30ee3e74a38adff375d8752161ee629df14f39cf6ba9

    • SSDEEP

      3072:sqp6y91BH91Be/MbNBQ3MypF06N25xOT5Ng2WV4:Oy/BH/Be00Mypk5sYp4

    Score
    6/10
    persistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks