Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b4be4dd9b085ff32b35e9374254ba530N.exe
-
Size
394KB
-
Sample
240727-l7bp6awejb
-
MD5
b4be4dd9b085ff32b35e9374254ba530
-
SHA1
22a4d1cdda00ab4ce9b67c04366eaef9be06d08f
-
SHA256
8868a7cc9adfec0c694a21b87cf43db6cbd5a8cc8a923b662d19b653a524124e
-
SHA512
301cc249310c06545bff12f5f0c60d0c051fde35834d9eb3c235b5f1374dfcb83e46fc74ee8ba02e22b78c281b90f61bed01107ebc39b65fa29eae19f810993c
-
SSDEEP
6144:38ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:3A5nilTFQbI0a+GGL
Malware Config
Targets
-
-
Target
b4be4dd9b085ff32b35e9374254ba530N.exe
-
Size
394KB
-
MD5
b4be4dd9b085ff32b35e9374254ba530
-
SHA1
22a4d1cdda00ab4ce9b67c04366eaef9be06d08f
-
SHA256
8868a7cc9adfec0c694a21b87cf43db6cbd5a8cc8a923b662d19b653a524124e
-
SHA512
301cc249310c06545bff12f5f0c60d0c051fde35834d9eb3c235b5f1374dfcb83e46fc74ee8ba02e22b78c281b90f61bed01107ebc39b65fa29eae19f810993c
-
SSDEEP
6144:38ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:3A5nilTFQbI0a+GGL
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1