General
Target: 633a1bbf4b13bec3b54b3e838b14b75cd2b978bf44dc08567637d3d081e274e5
Size: 3.8MB
Sample: 240817-3rwttstfpa
MD5: a6626b71acfb1b02c3701ff6d9488150
SHA1: 470c0846b790506728c9dc4c5616e3cc79e7103d
SHA256: 633a1bbf4b13bec3b54b3e838b14b75cd2b978bf44dc08567637d3d081e274e5
SHA512: 60d5ca672277bf55a648059fd6bdf75fd4c5f29b19795befc7ff7495dac1bdf0694b04c36c4adbdc1190b7bef9cf7734da803599829c890f035ab6a8bac8e735
SSDEEP: 49152:1fs6Ds61AsNHyva6SRw62VBzCGPJ+kOWIFa2XWI1q+GUWI1q+GdWIbqqDpWIba2s:FswsUHysR+VB2GPJ+k6R+VB2GPJM
Static task: static1
Behavioral task: behavioral1
Sample: 633a1bbf4b13bec3b54b3e838b14b75cd2b978bf44dc08567637d3d081e274e5.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 633a1bbf4b13bec3b54b3e838b14b75cd2b978bf44dc08567637d3d081e274e5.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 633a1bbf4b13bec3b54b3e838b14b75cd2b978bf44dc08567637d3d081e274e5
Score: 10/10
Modifies visibility of file extensions in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 3