General

  • Target

    server.exe

  • Size

    48KB

  • Sample

    240604-w8sp6sgc97

  • MD5

    7b7f514215066fc2dc3cbb1fcba6cb2b

  • SHA1

    9fe31bde8f920bd0517616be432c5bb7421f1487

  • SHA256

    61a0e8b4aec7bfba37910a171f9130ed800f8e6d68c958ebe5eeffaa7490fe03

  • SHA512

    fb9bfa0074798db2606a6144a1e0503bb46211fc585569643e07026078039e0d6e5f86b705dba685178371e78bab7dc60b24a1d5cd99eef77f95025d807cc221

  • SSDEEP

    768:+wUwhUwVbxp9vwyvwkDhRpigEdQzQbCMV4TK+jHY+:xBJxpuBKvpaUQbqTKMHp

Score
8/10

Targets

    • Target

      server.exe

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application
