Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
be3c24755243df82d3f1cc1ed1bd3d70N.exe
-
Size
408KB
-
Sample
240726-l5pt1avanc
-
MD5
be3c24755243df82d3f1cc1ed1bd3d70
-
SHA1
a8c799ab3e7979672b199900b14ac7a960bf14b3
-
SHA256
2090d63e62edd2776154e999ca80010e5258c6a2337d4142d563ad2e52fa32db
-
SHA512
3eff60720d18e248d53e63258275e3f297ffc33509f3998fc72c2d8e39a5756769031e8876e6e0a150abadb71444b3d9cb55980bb9b08f22e7c9ce844ae3ef46
-
SSDEEP
6144:Dck18MipfIUaQYu8tbS6JBcj0U5hjX/Tvf8MjKFW8jb/HVbdsifRe9+fHrGJH:DX8Djadu8J4YSjX/THKxr1bBGsHrGJH
Static task
static1
Behavioral task
behavioral1
Sample
be3c24755243df82d3f1cc1ed1bd3d70N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
be3c24755243df82d3f1cc1ed1bd3d70N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
be3c24755243df82d3f1cc1ed1bd3d70N.exe
-
Size
408KB
-
MD5
be3c24755243df82d3f1cc1ed1bd3d70
-
SHA1
a8c799ab3e7979672b199900b14ac7a960bf14b3
-
SHA256
2090d63e62edd2776154e999ca80010e5258c6a2337d4142d563ad2e52fa32db
-
SHA512
3eff60720d18e248d53e63258275e3f297ffc33509f3998fc72c2d8e39a5756769031e8876e6e0a150abadb71444b3d9cb55980bb9b08f22e7c9ce844ae3ef46
-
SSDEEP
6144:Dck18MipfIUaQYu8tbS6JBcj0U5hjX/Tvf8MjKFW8jb/HVbdsifRe9+fHrGJH:DX8Djadu8J4YSjX/THKxr1bBGsHrGJH
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1