General

  • Target

    d11668d21bfa63da5e82ba90d3b0eba0N.exe

  • Size

    59KB

  • Sample

    240913-2624qathmq

  • MD5

    d11668d21bfa63da5e82ba90d3b0eba0

  • SHA1

    78aad0cfc1c8b19e78a9ef3b7f77bd577ce232d7

  • SHA256

    1419745b3f6ffe0db358fc0d321a2e9110f1d7088d59587db145b492cf514b48

  • SHA512

    a54c7a14ec467896c14bd63a59033fcf6a170b71585ce23f0bb8819cdbc18358fc37c24420e6727071dbb720353cbfe2d245ebbfb08bc3f068bdd84f4724a84b

  • SSDEEP

    1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQ+:OeodiUO4p13b9HiIeoutuh1aQ+

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
