General

  • Target

    d3c072b721fbc0d53dd75e1e59238020N

  • Size

    358KB

  • Sample

    240913-blrjdawfph

  • MD5

    d3c072b721fbc0d53dd75e1e59238020

  • SHA1

    8a21b2eea085874c14554538cafbe1a99acaf10d

  • SHA256

    67b059bd1eb166b8aa77519605a44d4a13963dc3a24aeac952726db5e315becd

  • SHA512

    7580bddd6b8a1c21476fa79e1b1d530b5c55c2ae7437a74cac2ce4dec21b670aa170b9f0db1831650fbd72d17c541e3bcf449f2e9b8b59354821a84351b93a8d

  • SSDEEP

    6144:XRobyqO195qa8gjAh+jq203vATD2NLDa48An2N2FSmksqtB9:XWbyqO19D8gjBjmukXx5pesqr9

Targets

    • Target

      d3c072b721fbc0d53dd75e1e59238020N

    • Adds policy Run key to start application

    • Drops file in Drivers directory

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
