Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

23b641e5ee...5N.exe

windows7-x64

8

23b641e5ee...5N.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    23b641e5eecec19208e2c8d9d0a7871a2fdb2ef285c639af1c172468ad4a31b5N

  • Size

    84KB

  • Sample

    240920-3xsz5avfng

  • MD5

    09b4f0afd517a3d0def55563be233e90

  • SHA1

    40f1ca57a69abb9d149efc87b189bb6ddf87eb8c

  • SHA256

    23b641e5eecec19208e2c8d9d0a7871a2fdb2ef285c639af1c172468ad4a31b5

  • SHA512

    85b4f954d9d08ffb7ffc493e5bc8a7e94390c180883e4068455552caa1e2a34997912391ebc502c31da18e618fce3fb54bdd6c13bc7b41915330a5e265211988

  • SSDEEP

    1536:bDcWLfIbgEp10gyXVdtnTHNWnnn622222K:bDXL0n0gyXVd1re2222K

Score
8/10
defense_evasiondiscoveryevasion

Malware Config

Targets

    • Target

      23b641e5eecec19208e2c8d9d0a7871a2fdb2ef285c639af1c172468ad4a31b5N

    • Size

      84KB

    • MD5

      09b4f0afd517a3d0def55563be233e90

    • SHA1

      40f1ca57a69abb9d149efc87b189bb6ddf87eb8c

    • SHA256

      23b641e5eecec19208e2c8d9d0a7871a2fdb2ef285c639af1c172468ad4a31b5

    • SHA512

      85b4f954d9d08ffb7ffc493e5bc8a7e94390c180883e4068455552caa1e2a34997912391ebc502c31da18e618fce3fb54bdd6c13bc7b41915330a5e265211988

    • SSDEEP

      1536:bDcWLfIbgEp10gyXVdtnTHNWnnn622222K:bDXL0n0gyXVd1re2222K

    Score
    8/10
    defense_evasiondiscoveryevasion

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks