Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

202407名单.exe

windows7-x64

1

202407名单.exe

windows10-1703-x64

1

202407名单.exe

windows10-2004-x64

1

GBgvQcZI.exe

windows7-x64

7

GBgvQcZI.exe

windows10-1703-x64

7

GBgvQcZI.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-07-test-sandbox.zip

  • Size

    5.5MB

  • Sample

    240807-cheabaxgqr

  • MD5

    0444c264727fa53c84d4f1d849eb4f7c

  • SHA1

    c316f94548207168a3683907c48bd95e0574c1a7

  • SHA256

    6528661891b7280d3b198cb54ef2cdbc356192ae92255a076c5048ca722f493c

  • SHA512

    f0e3bc2910a9c245c1ea27a1b1a323e3c41d6785c1db810ffc18e3cf8c8b21f50536384af9f5c216557f81fd5982e464f6673f4769d83e08f9bdeea22f15a2c1

  • SSDEEP

    98304:lRIiEnN3LGy7l6WoPkqGG8RrCqILw8cDd66vK2UjIRedfM7EmLTCVTz:lmiEhxplkqI0DY6vK26w68ERV3

Score
7/10
discovery

Malware Config

Targets

    • Target

      202407名单.exe

    • Size

      11.1MB

    • MD5

      4981608f030982bea9c2c6defab80a5d

    • SHA1

      b15cf8423eb62e29812a81066adecfe31e5be743

    • SHA256

      8dc8867273f93678845ec8dfdfd84af24ab606121c3c076a0f6c5228e5cea862

    • SHA512

      fffab8d7a2cd3f3f99db5b5093ad80dbc6013aabe7a8be488c8e3bccf01562b48cb760d29066790e8b577f21cbc033a0602936b92c758d154cc5b9a11abf2d65

    • SSDEEP

      6144:uBGnXixYRgmR8Ltknr2iW18eHxaVjSB1zVJJSB:8GnXixpo8xjaVjSB1zVJJw

    Score
    1/10
    behavioral1behavioral2behavioral3

    • Target

      GBgvQcZI.exe

    • Size

      5.4MB

    • MD5

      44a4d63d84c1994a941860fdf0a10aae

    • SHA1

      0150f8f5bda824262045c0527fde43a7907769a9

    • SHA256

      ef4b5c68a718ac34a957ada64a366868b7a609887208634d46e5ad75a8c70bdc

    • SHA512

      91c7a98e242791fab3d387d7df2a41e9880ef5a4038324222e095f894b68530cad1cba17a195f7a4c5aff32162368c54c60a11afa567699807df630a35d92276

    • SSDEEP

      98304:CuWti1XTyinOyRivbmBoPhvTdhnstbgjO2rXftnFO8KDTkecARNFh/B:C9gTyZyRcbsoPZm8fO8skec2h5

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral4behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks