Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

install_ch...rl.exe

windows7-x64

3

install_ch...rl.exe

windows10-2004-x64

7

install_ch...db.exe

windows7-x64

3

install_ch...db.exe

windows10-2004-x64

3

install_ch...dk.exe

windows7-x64

3

install_ch...dk.exe

windows10-2004-x64

3

install_ch...ta.exe

windows7-x64

3

install_ch...ta.exe

windows10-2004-x64

3

restart.exe

windows7-x64

3

restart.exe

windows10-2004-x64

7

startup.exe

windows7-x64

3

startup.exe

windows10-2004-x64

3

stop.exe

windows7-x64

3

stop.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8bb1061cc69d553f1511168b242e5b49e086f5c216403d44eba9f4d98d472e0f

  • Size

    341KB

  • Sample

    240913-jwwj3starc

  • MD5

    6599fca676995a7bfafef9af6bf8d82c

  • SHA1

    be3f07a906e808bf35c2e79a02cac9a49e06820e

  • SHA256

    8bb1061cc69d553f1511168b242e5b49e086f5c216403d44eba9f4d98d472e0f

  • SHA512

    c9f78d81615068ed49570a12cd57ce5cf7f4c7f1310b3b45d34e60182cce665aeaf67690336d67e5a0b731ba0fcce1bcda99df20c7af3e649fb6396729b1d923

  • SSDEEP

    6144:cV/4qcxnsQZLacxnsQZLEcxnsQZL4UIuEk8L9EVXUVVijlzHKPQ0/:LnsQZLbnsQZLNnsQZL4UV8L99ijlOPn

Score
7/10
defense_evasiondiscoveryprivilege_escalation

Malware Config

Targets

    • Target

      install_check/check_curl.exe

    • Size

      89KB

    • MD5

      2f2f73335394b46636755905fcea2cc9

    • SHA1

      5de63f89b0ad2c454574c86f60f49bfa79e80d0c

    • SHA256

      fd0dd71d6e2354d620f902c6b1a0ef7178d116fd9ec1463a690ae2dae454c2a6

    • SHA512

      a047cf969eac47b930740b665f48e4d367ee88195142c386d5621a094b7afd3eb97ec85df7a2f8f2ac027da88718f29e02abde29f6fbbc7fbeda05565028eb6a

    • SSDEEP

      1536:rX7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfRwy+O8:rLFfHgTWmCRkGbKGLeNTBfR0

    Score
    7/10
    defense_evasiondiscoveryprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      install_check/check_db.exe

    • Size

      88KB

    • MD5

      a592ffbc6fcd0d0d77fa6a1eca6642bf

    • SHA1

      2348c8f69971cdd388cdcf89a87db6a1afe62be2

    • SHA256

      522257bfe27d80b388f1e1de8e073166ad1c268ee4b76f209e22bd923de5228d

    • SHA512

      ad1a90089457b8b928a13183e41de6f7619e5011849eef3c32c4fd1713eab127b7e3c0bef1bf42a962945be1648a64bdacf08939a6256678676d44038bd2722a

    • SSDEEP

      1536:zj7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIf1wqOp:z/FfHgTWmCRkGbKGLeNTBf1O

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      install_check/check_jdk.exe

    • Size

      88KB

    • MD5

      2cc7e692ecd242bbed9ed3b58b877794

    • SHA1

      471b9d4f4c1fc9272102bacb25f94a63941d8bed

    • SHA256

      48415e6f7410d56e3b85115bbf9ccaa6be6918d5be7ca433cf38ec4e457f93a3

    • SHA512

      db212b4eb94bb2386cfd0f9fef54ebc4d23db84751d5f5ee991a19e39fcdc99089ebcea074a05f19fae79546cecb8c77ea8d104027bfa766748132a822a6a044

    • SSDEEP

      1536:rL7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIf5w2OO:rHFfHgTWmCRkGbKGLeNTBf5N

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      install_check/check_meta.exe

    • Size

      89KB

    • MD5

      154d4585534f8f8dfde2275f4dd2bb06

    • SHA1

      9510340a04b94f53681851424a67cd9530081c50

    • SHA256

      06e4874e142b3c5a6891b7476cf6932be27497139fef536ae0da61723a53c5f0

    • SHA512

      9daa4c336bab9825eba50942432d5592ac755540a7a56bafe4459fe62b7317866111b3b29c4704e426d5a39c8deba77eca2d3a5c5113155f28420816a5d81101

    • SSDEEP

      1536:I87ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfSwrO2:ISFfHgTWmCRkGbKGLeNTBfS0

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      restart.exe

    • Size

      88KB

    • MD5

      2139fd5b746fdb409b7b8df60bafdb11

    • SHA1

      2cde2eac5ae0a5c2327f0c8090279df08b2d9920

    • SHA256

      6d918e0ce3d6a2a10a607043e03e8d744b985e8e653072c83c004020c1281706

    • SHA512

      6d22dbb5cbb4ba06c6d8855569b1668594d39d70e94e91f98a5266224d27f978eae4fb23c6d4647aaa1b1dbfad3e6b0970e2ad08aa607324ed998c35bb5b306b

    • SSDEEP

      1536:rL7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIf5w1OG:rHFfHgTWmCRkGbKGLeNTBf5y

    Score
    7/10
    defense_evasiondiscoveryprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral10behavioral9

    • Target

      startup.exe

    • Size

      90KB

    • MD5

      9920d94fc66768b99333325a5bab417f

    • SHA1

      4d5482ca9400e315a5200aff0b672e02246a505c

    • SHA256

      07bd47166dda089e1554eec3141fdd20baf6236b03496e57032a23f080893e2b

    • SHA512

      33007cb7fc34b43fad3372ccbe33fe6bf6190df0e7b6b8313c2cd2c028dc6978d4506620fa09b40b11997dd40422afc3f0af021e0a66c6e5f65012b0c4ded5d3

    • SSDEEP

      1536:DP7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfyweXtgOX:DjFfHgTWmCRkGbKGLeNTBfyt5

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      stop.exe

    • Size

      89KB

    • MD5

      448dccb867b7696e3ed94bc96182affa

    • SHA1

      21e8b4eeebe459e0ab5f71fe6091f5dd5808a039

    • SHA256

      85b6bf95837502c230d0e92f5511e9ca5e503cdf15af0678584564723a2efb72

    • SHA512

      d904ef2ed7eec06c1917cb5763c241d9dad15320aa352f2351c92aceaba53d7d6719adffcb028eb51ea2f5d0b5ae8c75ead7640ab463193d40e5c66c2b586ad5

    • SSDEEP

      1536:Mc7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfXwfOL:MyFfHgTWmCRkGbKGLeNTBfX1

    Score
    7/10
    defense_evasiondiscoveryprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks