Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f754fefacb...89.exe

windows7-x64

6

f754fefacb...89.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    121afc27b0e1abe1704bcabf3c8b8ec3.zip

  • Size

    314KB

  • Sample

    240903-nav4msweka

  • MD5

    1326529288437c75e33858dc64005a48

  • SHA1

    6e760be3e5702722968022919ed3ee738ad696a3

  • SHA256

    e3e81949defa0a9cd29ec632907000f2911341e09765565f6835d5f5e6ce6771

  • SHA512

    e04275b73d486bf76ee7e069d3b74cd77ea597818b2e976687fbd0f6fe3a03f4bc949adbdf6be5d701b9ec2b973dfcb4a99be23f08c81c244d3fd3304cef97d3

  • SSDEEP

    6144:m+cGToMIUxAAHjjDpQxgf7wJwm3h+5U8GeJtFzUTDJyNbxlUsPYgVp3CZy:jToM1xRxQCzw2m3T8GkHzUyvb

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89

    • Size

      424KB

    • MD5

      121afc27b0e1abe1704bcabf3c8b8ec3

    • SHA1

      9bdb3491f8d836af15f09cac82be9e6b05560204

    • SHA256

      f754fefacb54d2b54d232a2465cfee59e3393fbc5a5fb1061709bebf06e74c89

    • SHA512

      127866745bf3c26a82774f1a5ef8b9e3e60883b9b53f8388813a4c6145bfeb1a695a37e9aa90a2e9bf86e1a976ea9e3672c00b48ce6cfc8a7ce8e5382f99df28

    • SSDEEP

      6144:d4VDHxb4QmAqozabdh1GbhYzTp7Hw2mrbX58BvT3pYXjadGfqrACFoV:dgkcq2abdh1GbhYPprwxbJmrp+aYq8M

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks