General

  • Target

    8a07e1ba700ac0f7e389bfa482131ca0N.exe

  • Size

    94KB

  • Sample

    240813-2z5w2a1anc

  • MD5

    8a07e1ba700ac0f7e389bfa482131ca0

  • SHA1

    7791aaaed3ffb803216204efb9ecea63cf090083

  • SHA256

    02e7591cb9be1ef8a5cefb29d497eff25034ba3fbd18afd7f7aecb194f3df577

  • SHA512

    c296f5a96bfdadc74efe573e4315500d95e79280b1c50c99f9b162c4fbc0805361a922495477668d10b5fefdd72ea7cc1492e5f2f14cc8182bf923d05fa61f17

  • SSDEEP

    1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7ub:PfU/WF6QMauSuiWNi9CO+WARJrWNZE

Malware Config

Targets

    • Target

      8a07e1ba700ac0f7e389bfa482131ca0N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks