General

  • Target

    64e93f519afb6ad1800523b340eb9890N

  • Size

    152KB

  • Sample

    240907-yc8gvs1crq

  • MD5

    64e93f519afb6ad1800523b340eb9890

  • SHA1

    1279ff70aef7a417d64658d842f9911314dd6842

  • SHA256

    8f1fb2388dbbec80390ec98e984963c881f8753c8204003f2732bd147cf8c5bd

  • SHA512

    0c61b1ff95bc2915cdaa7d17e67910f61770459b4078135a614b2f26ce230fa5d9c1a34a5c9a7fc066fe1511b19472f0a99593e179229f8e6e4dbd241b058e33

  • SSDEEP

    3072:0hUFgMTQtKrueiygR4O6avJamofroE5j4oQcB4:JgAQtKSMgR56avUmqdri

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks