Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2f175dac5c...f8.exe

windows7-x64

7

2f175dac5c...f8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9bb6ef02f29f52ff126279ff7d044bb.bin

  • Size

    148KB

  • Sample

    240701-ev6ansyhpr

  • MD5

    32266bf5e16888b49ada682dfe0aaf9e

  • SHA1

    e517b7f3758e0ec68b571c4e24da57ac1c56ac07

  • SHA256

    7417c092b97809415e22e0956a66956b508dad8c42c49c627c4f4e777f8dbc50

  • SHA512

    05840fc1db2823153f104bc129ac43da52af1d1200406f242ec7e729d434fc8a87cfc9de23db447e195e112ff042c02d5de4368963694e9424eaaeb0a5f003ea

  • SSDEEP

    3072:UgT1TzyBKiEOmNUog1LvTZzHklN6hqrBfrsIymlQRvuQXktVF8W3VuboWTNkalyt:xTQB9zmm1+lN6hYblUuaEH3Ej5kag

Score
8/10
execution

Malware Config

Targets

    • Target

      2f175dac5c8571e586722f6927b0112af22637a17efb3acfd78e813a804a38f8.exe

    • Size

      386KB

    • MD5

      f9bb6ef02f29f52ff126279ff7d044bb

    • SHA1

      5b68f1745d92d32a1e64ef3ace6640c5fbfeb254

    • SHA256

      2f175dac5c8571e586722f6927b0112af22637a17efb3acfd78e813a804a38f8

    • SHA512

      86a6c71dca30b5a6dc54cdc262318bbae1f16ba5f3e701d6d84adf8ddda265d178ddf7b72753e491a46d4fe043c2b7f9919f1be25a6f4fa0bc72ad193b0ca153

    • SSDEEP

      3072:H1sSJApTSnQU/x0ImhuDzHfs4zbYOjujDRfygDgKQINXLLHIaKlay8weCycJ5DfS:H1sSmRIt/xhtsOju1DH5NXnIKAc

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks