General

  • Target

    05d1cf1d8a06c7db5b6a37a616ef6f54fb13e863e9785cb431ae060efb04185b

  • Size

    1.5MB

  • Sample

    240901-eap3ys1dje

  • MD5

    ce5aed08ef0b8c758f49605d860dfbc0

  • SHA1

    6db3aa68327bfea13dd178b4e5e4694b9e726462

  • SHA256

    05d1cf1d8a06c7db5b6a37a616ef6f54fb13e863e9785cb431ae060efb04185b

  • SHA512

    6b8af571bfa24b3ef2f3faba08dc7e4a105df7fd86b9838da50241402385108096b3788e783fb7265529120505d11c76da91849bd9c0d36f3088a2c9fc8e2db0

  • SSDEEP

    24576:P4nXubIQGyxbPV0db26fLywtAvfAc+bv8++UHavwRerOC2V:Pqe3f6yqAH+7A4avwR51

Targets

    • Target

      05d1cf1d8a06c7db5b6a37a616ef6f54fb13e863e9785cb431ae060efb04185b

    • UAC bypass

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
