General

  • Target

    81a80bdad865f0d14f4518ba16c960e0N

  • Size

    2.4MB

  • Sample

    240907-zf5e2stenq

  • MD5

    81a80bdad865f0d14f4518ba16c960e0

  • SHA1

    f419475f3c2a08fef08d3786f6fc1611423fef36

  • SHA256

    403508b6618d76ae1a47b9d79c3b2c617de632ee0fbd301f6e86314a7185f6c2

  • SHA512

    7420e149c5a29adfd819a6f8500bd96488034817b580e80cdb3aba42c3349e54350392ab609d966b6db7f932ef90560ad7936121f600afcb3376404524d91534

  • SSDEEP

    49152:2Ko2gzhGqxIaWeSkKkAQOQ1y7GklXRYxxTttMs+xyPFRwGJnunLp9u0XsA5cl+6H:f+zhGqx3WeSkKkAQOQ1y7PlXRYxxTttd

Targets

    • Target

      81a80bdad865f0d14f4518ba16c960e0N

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
