Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

246418b835...27.exe

windows7-x64

8

246418b835...27.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    83bab7b9286354c9cc3fb55269e62088.zip

  • Size

    207KB

  • Sample

    240903-ljtwtstann

  • MD5

    792a8714b288eb70e14a752873df3690

  • SHA1

    575d0eb16d9d047453f254c87b253721db181eb0

  • SHA256

    9c9d2307729bfe4b348f0eb4a04991ce633d2b9ea12fd3182f3c67dd9985518b

  • SHA512

    9d52f10c2b44498631b1d39a16ed77bfd45f53cb84ae1ee9cc0bc5f575921638eefff64893717a04396c1a22e355b7e35b934da5973dc4759e9cd9c4656664fb

  • SSDEEP

    6144:kghhSOPHv5ma7OOea+xikM4aSN7F8rRRu1/ViOMpkNmy:k2NPHdeaQMzQ8rPu1diOMamy

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      246418b835995d34dbcdd3b348aec91e0e92f6c5bffa3f581b7900f490110627

    • Size

      464KB

    • MD5

      83bab7b9286354c9cc3fb55269e62088

    • SHA1

      cbc35cedefe6dee32fa94759b212bec76ae832dc

    • SHA256

      246418b835995d34dbcdd3b348aec91e0e92f6c5bffa3f581b7900f490110627

    • SHA512

      ed0f167cbbfd1c33d8cc30856d78d9435d3423fd2bca99ec0ca6d94d632739ffb6b671f68309c86f0d0c8c56a61db96750daeeb9c5138690d36be58912b9ea70

    • SSDEEP

      6144:t5kjHf7sw+GvrsPc5FXCQGOGTywkUb8MyXWMowoqPraQagmrk5ISkwjuO6+JTfiD:0jHf7v5FX0UUb8MhMNoqPWQagmr6Iv

    Score
    8/10
    discoveryupx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks