General

  • Target

    9a119ec39dd275392df608195a7c702acacf38bcbb1d1d7b12aa84acb7a5d2a4

  • Size

    47KB

  • Sample

    240617-agkdtsyhlp

  • MD5

    6c6e9c9f402296784565bedfb1416d44

  • SHA1

    f6914cdbe16cc6563fa89793a979ba8aab3484bb

  • SHA256

    9a119ec39dd275392df608195a7c702acacf38bcbb1d1d7b12aa84acb7a5d2a4

  • SHA512

    3be3e5c8ae08fcc88876aa524f0f9ad838b9e7b377af70d0ede5da3c5ff9703254c839833afc7e9b8dd8a5b88d7b8ff6bdd5161285a7fe84b4be3464254a55c9

  • SSDEEP

    768:hX0gWvCzuw6Uj9uGi45XOPxV5HNWnnnl000e999vddddIyyyOOtttb2222v:6vCzuw6UD9Az5HNWnnn622222v

Score
10/10

Malware Config

Targets

    • Target

      9a119ec39dd275392df608195a7c702acacf38bcbb1d1d7b12aa84acb7a5d2a4

    Score
    9/10
    • Detects Windows executables referencing non-Windows User-Agents

    • UPX dump on OEP (original entry point)

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
