General

  • Target

    f61841ea484b6c2ad65a5da96f7f4389250d9abe26a78044c39dd5a9a34a8243

  • Size

    731KB

  • Sample

    240615-bm6dxstfjd

  • MD5

    f5504ec1c0593bf51b4375383b7a8766

  • SHA1

    ffc6b75ec2b99bf4ee74bd1704eb30cc46a2fc4e

  • SHA256

    f61841ea484b6c2ad65a5da96f7f4389250d9abe26a78044c39dd5a9a34a8243

  • SHA512

    af6f40f28c4aa2b9bb77c0de82b329fb446bdeda22ac98a1d57ea65abed175634b61de31d29842b3c26091163eb1c7514c8737e38326acc9093fbdff40b03a6f

  • SSDEEP

    12288:BuiJ2iNXu5LIXzgfljSKc7JrgTYi7NrlesSL/cCvSFTgyqNQiaXt0tHygOf:rJ1tu50X8flOrgFesSLkCUTzqNv

Score
8/10

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext