General
-
Target
121afc27b0e1abe1704bcabf3c8b8ec3.zip
-
Size
314KB
-
Sample
240903-nav4msweka
-
MD5
1326529288437c75e33858dc64005a48
-
SHA1
6e760be3e5702722968022919ed3ee738ad696a3
-
SHA256
e3e81949defa0a9cd29ec632907000f2911341e09765565f6835d5f5e6ce6771
-
SHA512
e04275b73d486bf76ee7e069d3b74cd77ea597818b2e976687fbd0f6fe3a03f4bc949adbdf6be5d701b9ec2b973dfcb4a99be23f08c81c244d3fd3304cef97d3
-
SSDEEP
6144:m+cGToMIUxAAHjjDpQxgf7wJwm3h+5U8GeJtFzUTDJyNbxlUsPYgVp3CZy:jToM1xRxQCzw2m3T8GkHzUyvb
Static task
static1
Behavioral task
behavioral1
Sample
f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89
-
Size
424KB
-
MD5
121afc27b0e1abe1704bcabf3c8b8ec3
-
SHA1
9bdb3491f8d836af15f09cac82be9e6b05560204
-
SHA256
f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89
-
SHA512
127866745bf3c26a82774f1a5ef8b9e3e60883b9b53f8388813a4c6145bfeb1a695a37e9aa90a2e9bf86e1a976ea9e3672c00b48ce6cfc8a7ce8e5382f99df28
-
SSDEEP
6144:d4VDHxb4QmAqozabdh1GbhYzTp7Hw2mrbX58BvT3pYXjadGfqrACFoV:dgkcq2abdh1GbhYPprwxbJmrp+aYq8M
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (1)