General

  • Target

    04ed680c2a506e88b9358cfb1519afcc.zip

  • Size

    15KB

  • Sample

    240901-lltc3sxerd

  • MD5

    f84e6a746709b3b6e5493479dc725e80

  • SHA1

    a81c4bd36496461a9a0d409808b9b32ead7ac621

  • SHA256

    39d380818d0dd12fa07390336c054e3ea386a25b0b13dae8575c3891b6827e2a

  • SHA512

    31da1703d168482b590eeb67aa8f693d0af67a1f17a2256ce933fa46c493945fb64cbf843067e66dded7382c46aa061bb978638b536c53661beda1e20a7aa6d0

  • SSDEEP

    384:09XS5nT1mV7VWNaVNqB6q3CClgLfQyN7ijGA5pLjcfpDon/YmPd:UXSgfVK6qPgDQETAvLqD0wmPd

Score
8/10

Malware Config

Targets

    • Target

      69fdb37330ae6075d1fc20959c891559406a8478cd602799347bfa75ec11bd2e

    • Size

      56KB

    • MD5

      04ed680c2a506e88b9358cfb1519afcc

    • SHA1

      f47ee44d3119fcf486549ebfe737ac8476140512

    • SHA256

      69fdb37330ae6075d1fc20959c891559406a8478cd602799347bfa75ec11bd2e

    • SHA512

      82c5dfceac3109fd309dc7392993b1280280c9c0dcb2b6460126a408ce4b3d1c0f154405bca59b77aaeb953cb148cea664e63b31f3bfe7e3c44bff55c8cc74db

    • SSDEEP

      768:MXUs1ZmxDMmje2mxDMm+STZ5UW0Z080t0M04E7c:MEsyxfkxft5wc

    • Score

      8/10

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
