Resubmissions

26/07/2024, 20:40

240726-zgdcystclr 7

26/07/2024, 17:50

240726-went5avaml 7

General

  • Target

    Bootstrapper.exe

  • Size

    18KB

  • Sample

    240726-went5avaml

  • MD5

    d0d53fb776373cd44fe81ae2588359a2

  • SHA1

    5680cce16b289caff87cd4e756305898a85c554b

  • SHA256

    f0f9a12e2f1410b68cfffb9292a0174b905f220b342cead585f530edfb8e188b

  • SHA512

    82bfa0543ff8b6e1ad8f4bd8a372645b6034b4695fb0332128619a867a64953ffa10842b57a2754af4e13c714b69a409cba5335981de8585116715bcd30d96c2

  • SSDEEP

    384:kLAXFrjFFdaLihuhPLTuT1sICJbt5j8KoQrJ+ETu:yAVFiquI9FES

Score
7/10

Targets

    • Target

      Bootstrapper.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application
