General

  • Target

    d6be7e447b67246bfa7ba01c46215db0N

  • Size

    94KB

  • Sample

    240907-ycx15atdke

  • MD5

    d6be7e447b67246bfa7ba01c46215db0

  • SHA1

    324a86adfd230b788a3ff83744b4d88e243b2c0b

  • SHA256

    9e61f86a378552b9a27b543568b5629220bd19c355480e71d33be2643031162a

  • SHA512

    9b3337c4074e2537f1ef1728d6d92ccf6b019e7066d3be8db538d96e4b856f0df87b0d4f93265c2e23684a50ad1112d1ecc35bbb0fbeb5bab47f32c0558295ed

  • SSDEEP

    1536:BYUb5NE3yZIp+6HO5J4ggpMFSvIKEu0dX4j2dAck9:BYUb5QoJ4g+FXb

Malware Config

Targets

    • Target

      d6be7e447b67246bfa7ba01c46215db0N

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks