General

  • Target

    Proteus.zip

  • Size

    2.4MB

  • Sample

    240813-3xy65s1hrd

  • MD5

    66cac61deace1dcceab136a6a0b367e4

  • SHA1

    d31f425f51986dc7f9909692d9c3bf1ecc2d2dbb

  • SHA256

    3ba6af4e0072bd3ac9fe8372ac543f95488a7cada32ca70ae87782c779064cab

  • SHA512

    7eb81de05ccaba23d7c9e79ede60d7c2d4e8046559163ae8ccf89fc6cebcf4c1dbebd8910a384b80fa289c688fa938086095f5459e4f4259febf4d450588c4e7

  • SSDEEP

    49152:c5xiBF1fMg8A50KCJoJJy0f7rKj09Pmpda4fVUOv0tCJ4ycOubEQGJ:cgjMg1u/JoJ/rApdRVv0tU7

Malware Config

Targets

    • Target

      gchrome.exe

    • Size

      2.8MB

    • MD5

      49fd4020bf4d7bd23956ea892e6860e9

    • SHA1

      c5d8f155209badd278437d0e534648f8d5c35aae

    • SHA256

      d23b4a30f6b1f083ce86ef9d8ff434056865f6973f12cb075647d013906f51a2

    • SHA512

      b532f3e0451759727eba1e1559ba20131d1900ef958d1cd3c2dc4e65cfafbce5cadfe52d867048751815e0c8b7afcd0679725c937fe7b1aecd21699773627817

    • SSDEEP

      49152:sVic4rcPjPlzIWJDn8Ss2y44enoerL/TrRCxREX4x+va:42etHsFenjvT9/X44

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
