Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
47ccff97d013267a409934221107de80N.exe
-
Size
179KB
-
Sample
240726-bqvrlaxcqp
-
MD5
47ccff97d013267a409934221107de80
-
SHA1
7dcf133b3fa675d6f0b564f26e3e5115e8ca2f2b
-
SHA256
47325afa530e83455f846b753a910b80e6fad4a505ff996d6e8809b5f1bc4357
-
SHA512
11a88b8dae1c73f55b118960bd2176802be0d191f12895cdfc50c7001d24770b6e1a56002c0b097cf378fe17a09863b2252ffdae945f3c0f508258009d23b652
-
SSDEEP
3072:QXTTASJKf2n5AxE2NpxOa2XdU2QF4s5XgIDFyHb8kHofL/09rGB:QvASJKenie2xT2NU2OTFQb8Fb0IB
Malware Config
Targets
-
-
Target
47ccff97d013267a409934221107de80N.exe
-
Size
179KB
-
MD5
47ccff97d013267a409934221107de80
-
SHA1
7dcf133b3fa675d6f0b564f26e3e5115e8ca2f2b
-
SHA256
47325afa530e83455f846b753a910b80e6fad4a505ff996d6e8809b5f1bc4357
-
SHA512
11a88b8dae1c73f55b118960bd2176802be0d191f12895cdfc50c7001d24770b6e1a56002c0b097cf378fe17a09863b2252ffdae945f3c0f508258009d23b652
-
SSDEEP
3072:QXTTASJKf2n5AxE2NpxOa2XdU2QF4s5XgIDFyHb8kHofL/09rGB:QvASJKenie2xT2NU2OTFQb8Fb0IB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1