Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
996ae397f54ff16cd8e0340e4641f8da07917815ec9c84ebcd76d8932b53c788N.exe
-
Size
31KB
-
Sample
240925-fhn2aswekr
-
MD5
0dc00a49037ab3a33a1bbe92455d2fd0
-
SHA1
8a00a01697b38bf597c26cb92a1a5b0679b7bd76
-
SHA256
996ae397f54ff16cd8e0340e4641f8da07917815ec9c84ebcd76d8932b53c788
-
SHA512
0416c162bac976b1aea56ef946b1431bb4d51c9dc66a82b77a86d2c2cde6c61a4a325eaadbb69902c9b781205b7637adf3a19e6e126b35330f4fec3a0c9539f6
-
SSDEEP
768:8j5KLZ/vbDEj7Rbw1KvVW6wVmuHXJHdzTC/Wc8HEzHvc:8j5SZbDEj7RKwI6wVBpGpRTvc
Malware Config
Targets
-
-
Target
996ae397f54ff16cd8e0340e4641f8da07917815ec9c84ebcd76d8932b53c788N.exe
-
Size
31KB
-
MD5
0dc00a49037ab3a33a1bbe92455d2fd0
-
SHA1
8a00a01697b38bf597c26cb92a1a5b0679b7bd76
-
SHA256
996ae397f54ff16cd8e0340e4641f8da07917815ec9c84ebcd76d8932b53c788
-
SHA512
0416c162bac976b1aea56ef946b1431bb4d51c9dc66a82b77a86d2c2cde6c61a4a325eaadbb69902c9b781205b7637adf3a19e6e126b35330f4fec3a0c9539f6
-
SSDEEP
768:8j5KLZ/vbDEj7Rbw1KvVW6wVmuHXJHdzTC/Wc8HEzHvc:8j5SZbDEj7RKwI6wVBpGpRTvc
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2