Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6cb81d3fc345ce884fe28d9c4033f100N.exe
-
Size
88KB
-
Sample
240901-q8mw2asdql
-
MD5
6cb81d3fc345ce884fe28d9c4033f100
-
SHA1
6f3428fb12b77ffad2346b3be7e154f22babc2b7
-
SHA256
0df52dbd6954826bc66f7b0dfc8ce63fcbc7a513a5abc9b769fb3f34f5b6d4fc
-
SHA512
1868d244c590f281fdc60ed468162c5c2dea7c83462118ed0b4f18d8845f5f1881294a33ac2cbbeba6b39d79d05094609ae0a24e2be28f3ed88970682e694ba2
-
SSDEEP
768:vAG68qOJ+TtMBwHpFeh6gM1rA8dOsc7jUq4RkA5o3K1DfsvtzsXjLft+9o1mm:vAGHqlZMuLFjnAzA5o6BfItoXjLl0hm
Malware Config
Targets
-
-
Target
6cb81d3fc345ce884fe28d9c4033f100N.exe
-
Size
88KB
-
MD5
6cb81d3fc345ce884fe28d9c4033f100
-
SHA1
6f3428fb12b77ffad2346b3be7e154f22babc2b7
-
SHA256
0df52dbd6954826bc66f7b0dfc8ce63fcbc7a513a5abc9b769fb3f34f5b6d4fc
-
SHA512
1868d244c590f281fdc60ed468162c5c2dea7c83462118ed0b4f18d8845f5f1881294a33ac2cbbeba6b39d79d05094609ae0a24e2be28f3ed88970682e694ba2
-
SSDEEP
768:vAG68qOJ+TtMBwHpFeh6gM1rA8dOsc7jUq4RkA5o3K1DfsvtzsXjLft+9o1mm:vAGHqlZMuLFjnAzA5o6BfItoXjLl0hm
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2