Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file.exe

  • Size

    3.1MB

  • Sample

    240728-b6d4sa1cql

  • MD5

    a6b9ba406e557a924fbff7546c9b8386

  • SHA1

    cd4056df2d7b011e8f1e4d9683d122405a88835f

  • SHA256

    b2ffd93569c7eec760892eaa4e6fd1c2e783db89f550153d1123ac69c63483e7

  • SHA512

    215f58bcd44202a5a044b5c45da45095361cc13960b174b22df9c7805b4e1e609ddfb6c1f0b1db07891c6c79391aa8b2e2b64a48a8955cc81875c125cddf5c21

  • SSDEEP

    49152:sFQWGTL4ZoT1gmH23VPEy0bFbbFcUYba1/hMi7Nc3MDUe0svL0CA/CKjsCI5J:sFjA1gmHmOv8a1Gi7NvvLfwsC+

Score
7/10

Malware Config

Targets

    • Target

      file.exe

    • Size

      3.1MB

    • MD5

      a6b9ba406e557a924fbff7546c9b8386

    • SHA1

      cd4056df2d7b011e8f1e4d9683d122405a88835f

    • SHA256

      b2ffd93569c7eec760892eaa4e6fd1c2e783db89f550153d1123ac69c63483e7

    • SHA512

      215f58bcd44202a5a044b5c45da45095361cc13960b174b22df9c7805b4e1e609ddfb6c1f0b1db07891c6c79391aa8b2e2b64a48a8955cc81875c125cddf5c21

    • SSDEEP

      49152:sFQWGTL4ZoT1gmH23VPEy0bFbbFcUYba1/hMi7Nc3MDUe0svL0CA/CKjsCI5J:sFjA1gmHmOv8a1Gi7NvvLfwsC+

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks