General

  • Target

    meme.exe

  • Size

    691KB

  • Sample

    240628-le3yyasbrg

  • MD5

    38fb04223d635541a1b22d2bba9a0a75

  • SHA1

    51b472fd63db8c057b6678a0a72944437ea74df7

  • SHA256

    e8a1afa56da1e87399d9986dbf94609898df1e78666e2514a6d3d94dce5b3d65

  • SHA512

    1e38ba373da48d9bd8bf0eba60e1eb224fd48a29df7228d33f54c1641c07f7bb8f95157fb83570a1a42b71122093deca16db3fe7b64d6506590e686b242b2e11

  • SSDEEP

    12288:w99glhScbCawvy9BbiIUVbR1GkcNZyXN4y7ZMEHYMrO7+gSCA8Gnf2rQ9dhgBJLA:wWwviubHGkMYXN4LEHlr8A/vgz2RWQb

Score
8/10

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext
