General

  • Target

    90bc2a5ebf63e317f6cb6381e93b53eff3121d5321b7fca980d647b08ae2b55c

  • Size

    50KB

  • Sample

    240913-arvbsavbjd

  • MD5

    9b3bd6359c8cdb7358aa80f3561840e7

  • SHA1

    f78c42d9306864613806ab2f49a3aba31a9bb54a

  • SHA256

    90bc2a5ebf63e317f6cb6381e93b53eff3121d5321b7fca980d647b08ae2b55c

  • SHA512

    ad2952ef408be5e97e4d71b252b1c7567d405b26d085888407f56d9365668746c8645db99b0108a24ed70d926e0e20bd201399610e2ed7d99d6027c81e8d983a

  • SSDEEP

    768:hX0gWvCzuw6Uj9uGi45XOPxV5HNWnnnl000e999vddddIyyyOOtttb22221:6vCzuw6UD9Az5HNWnnn6222221

Malware Config

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks