Resubmissions

15/06/2024, 22:46

240615-2p62ca1hkl 8

General

  • Target

    password-is-eulen.rar

  • Size

    7.3MB

  • Sample

    240615-2p62ca1hkl

  • MD5

    66d9bcc0f9dd17489d5a990d1838debc

  • SHA1

    66a58bb6815d8f55cdee382ce5dad19478e88824

  • SHA256

    860824901d1ea71595e1a75792939b4de900e86b53c1aa3646c96b337dc8460c

  • SHA512

    7f4d00e168424f783ea54999b634f96a3a5354049459bef6fd389b79e832dd44aafcf8178cff761dc3d683b49bd2cb40e7f3a6b1cc0b3aa567c9bb803cbf6d12

  • SSDEEP

    196608:MRQeq77iLxkM+zyp+uYqGLoFE8PCLyRyYMHWjLqsheTpas:Ve/1rp+3vLy3rjWsktr

Score
8/10

Malware Config

Targets

    • Target

      password-is-eulen.rar

    • Size

      7.3MB

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks