General

  • Target

    52a204c0c7b6f1784664cb1189fd87e0N.exe

  • Size

    718KB

  • Sample

    240713-f8yy7axfnr

  • MD5

    52a204c0c7b6f1784664cb1189fd87e0

  • SHA1

    85fe0f36f6561782b0342d7e05968f49d6591b03

  • SHA256

    fadafafbdecdb64b00e6bddcb0e33bf68c2a512512fcacefc1d848e35ff3a001

  • SHA512

    7c8ea04623141c589d670baf1880585ffa4a17bc0554962cbd3970c92c69a8feb46d44e7c69c56f477311038b13d705afe2714200bd2ce7491ec83d1269eb271

  • SSDEEP

    12288:2TYVK+orvrHxct0c84koZ5vyw+JjasbWrWKYKIQ0EKPKRAc6acTz:E1+wxccKZ5Kb1aoWrWbKIQ09+Ac

Score
8/10

Malware Config

Targets

    • Target

      52a204c0c7b6f1784664cb1189fd87e0N.exe


    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks