Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bec64165dc35dda50d80845270f7d3b0N.exe
-
Size
124KB
-
Sample
240805-wz9x4axgqe
-
MD5
bec64165dc35dda50d80845270f7d3b0
-
SHA1
32480416f34d574b94134d91f9ce1d271ec33092
-
SHA256
bfe706715ff9115db60a4ea5d01a3812223d8497c554cea0a1c56d283f2620ec
-
SHA512
52326f12babafd59f7780cb623bdb8a7fecb5c60c1590b0cfa7029dd7d3ac0b450fbe7afb173720702ca22460e6c027a6860592e1ad435fe1f04661696ff9b8f
-
SSDEEP
1536:g2szt5YOckhhRO/N69BH3OoGa+FL9jKceRgrkjSo:1G7YOckhhkFoN3Oo1+F92S
Malware Config
Targets
-
-
Target
bec64165dc35dda50d80845270f7d3b0N.exe
-
Size
124KB
-
MD5
bec64165dc35dda50d80845270f7d3b0
-
SHA1
32480416f34d574b94134d91f9ce1d271ec33092
-
SHA256
bfe706715ff9115db60a4ea5d01a3812223d8497c554cea0a1c56d283f2620ec
-
SHA512
52326f12babafd59f7780cb623bdb8a7fecb5c60c1590b0cfa7029dd7d3ac0b450fbe7afb173720702ca22460e6c027a6860592e1ad435fe1f04661696ff9b8f
-
SSDEEP
1536:g2szt5YOckhhRO/N69BH3OoGa+FL9jKceRgrkjSo:1G7YOckhhkFoN3Oo1+F92S
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2