General

  • Target

    1dca076ea21359cbd16963e4452beb25e0c4d17146f32291acd574bad1061cba

  • Size

    8.5MB

  • Sample

    240822-t3xe3axbqh

  • MD5

    079b2348ad2286201c4fd671d42ea907

  • SHA1

    bdc850c8f7139a4266786e8016663d7a73bb475d

  • SHA256

    1dca076ea21359cbd16963e4452beb25e0c4d17146f32291acd574bad1061cba

  • SHA512

    0f21c4211b70b602bdbc13a6f3de8a4242df8e9b5ee919093d44abdbe4c26a483fe685f9a9602551b25325a311b5a65b7a691c2bc9668f89c1c5a52993189704

  • SSDEEP

    196608:0ej0TkfyMwyUkpxaHrVrpUG9fKl3AwOTP6uyD5L7BSs:0/TWNwy/IHr5Bi5AwOTC1p

Score
7/10

Targets

    • Target

      ming-dan-pdf.exe

    • Size

      22.6MB

    • MD5

      d48ab037ac67690dfec97eb0cee58cef

    • SHA1

      ee2cac4a3ed743469f344657a2ce03263278e843

    • SHA256

      f86bb58f1fe31ba13544d0919beab5e3029e8044df85c72c37cbe2fbede5bf2b

    • SHA512

      1b53563081a14587cd28e184a5fd02730e78757e605176b5581154a514cda3644e48ecc931a3c2a93ebee68340d845167120fe75254aeb4d91fde5590973647a

    • SSDEEP

      196608:5c1aN0ECig1IFnEplmOXKh8mY8J4V+mPKSJAMr3jv4xHlZoA/iMYvWB:0OhCcFkjXLWiV+mSSCMToHluZW

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
