Resubmissions

11/08/2024, 13:15

240811-qhjfxs1cnl 7

11/08/2024, 13:11

240811-qe2hbs1bpq 7

11/08/2024, 13:05

240811-qbzvbs1amn 7

11/08/2024, 12:58

240811-p7tshsvcma 7

General

  • Target

    BorderlessGaming10.0_admin_setup.exe

  • Size

    48.8MB

  • Sample

    240811-qhjfxs1cnl

  • MD5

    d52cda79789a76bc6687e99a206d3ef4

  • SHA1

    3e8e1f1f17bd0c5087e26bf5b6c6f63dd110b01e

  • SHA256

    a15810bb4e49e29191ef909985a569339f0d309d65087aa3cd4f1f16eea162b0

  • SHA512

    7677362141297e7e1eab3bbeee08b6df10ba21de5ccf5232e5fa80dcb097c57f0802534a0a62bbf4a37c0c51c97d2f8cd23e432f011ea717ea8bf9d7aafb1071

  • SSDEEP

    786432:RgyfSSjla4cxOAyl45+TpT+qluCGXmsGjVfKaC93M9RHwDqmOX4Cpw85z9JYlb:RgYSSUY3l3doCGX0uUQems4CpJhJCb

Score
7/10

Targets

    • Target

      BorderlessGaming10.0_admin_setup.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
