General

  • Target

    4fba81c31556cbcb2e3cc13829ebd1fc.bin

  • Size

    723KB

  • Sample

    240613-bzcblsshqr

  • MD5

    7ec3d7e743c7fc0b3af761913b83a40c

  • SHA1

    99951225fd4efab0f429f02daa7415f082897cac

  • SHA256

    0645a3dbabc5303c3a6734b4734034e01980b83df681842c1e41dbea07e10176

  • SHA512

    dc53a69dfc4148012376969c8c7438b860d3f2318adea080a5d4851e49512430465fca478d965d265753be2ced91d1787c0c7689e100d5bef6ca5f48b5ee0a72

  • SSDEEP

    12288:P60giFXLB+651Rxu1eqBvlAWoXi0ci4mkOEfd8vzC8DLh+xDEiKtoRb1/Ueia/XR:i0giZ1fuhBvlAWCi79mkOvzC8p+xTKt2

Score
8/10

Targets

    • Target

      9c5cc57f344f2469a4c5f3b67c252fb72e8a12de742f96b697fa5f5d544513a1.exe

    • Size

      788KB

    • MD5

      4fba81c31556cbcb2e3cc13829ebd1fc

    • SHA1

      16fa151c4117fe19fb2a6431ccd3ba5b6d9d2ed4

    • SHA256

      9c5cc57f344f2469a4c5f3b67c252fb72e8a12de742f96b697fa5f5d544513a1

    • SHA512

      ec31ad781ac6086ccdda8dfa7c4e1ffc8ede7ba4665755a1ae89c1e6a7f52b33e7e3c4ed09b08f17b277f4e08e2364f360dd9944b3d69bc721827c67a98f95a4

    • SSDEEP

      24576:O95C6RrjOyvoQUYGNZgpo3DbrjXXPA+erA:OjRrKyvoQUVNZKo3DX7XJ

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext
