General
Target: 0ba62286fe8e142e34acaa2839b99cc0N.exe
Size: 100KB
Sample: 240902-ret9pasgmh
MD5: 0ba62286fe8e142e34acaa2839b99cc0
SHA1: c674f94f6f6ddf2bd31d9485c2265fe47b99a31f
SHA256: 0b2cc0fd017a6963403ffe76265e47c9d191e23efd18daf3a063a28e1f9419e8
SHA512: df34600488dcd92656081dce9dbd79609d0e5ab9a5d4b4f20afb58040c6a5114b33e0af71ecb204ef468c5a1e8d49f8177c4bdcd629f2e1eb7da9b8333c720cc
SSDEEP: 1536:jel0cc6YBnvEOB+dGrNjjmJ2NuKuFr1M5Br2QbCcIsy:fXBcOB++jOKb1y
Static task: static1
Behavioral task: behavioral1
  Sample: 0ba62286fe8e142e34acaa2839b99cc0N.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 0ba62286fe8e142e34acaa2839b99cc0N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 0ba62286fe8e142e34acaa2839b99cc0N.exe
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2