General

  • Target

    563a35fcff50eeafb0754eca254a9050N.exe

  • Size

    348KB

  • Sample

    240906-xwnfcstcjl

  • MD5

    563a35fcff50eeafb0754eca254a9050

  • SHA1

    5f08aa965edce4215884cca8f9ae1a95dbcddd0b

  • SHA256

    e0b0b1e77150b120f147fe696162507cfe4fb9f4e13734d66cef457a1a2724bd

  • SHA512

    49b240b7de9936f0eae3e9250fc06609969039ad7e736b6a78f3f3ab55b65f78b1b2117f39c3b3cd99c46b5a67c572a5fd8ac4aa7a1d4c13d2406034acfebb78

  • SSDEEP

    6144:EbpFMByWEhy9vBpHLnU+r/f79MzNtukvSodidiHlFE:E9y2hqbLnZr/5MJt5qZi/E

Targets

    • Target

      563a35fcff50eeafb0754eca254a9050N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext
