General

  • Target

    c053874637f40ffdd8c2a669120d51c82d9abbddb6d654c261125174dbacf3fa

  • Size

    144KB

  • Sample

    240928-b6klkasgqb

  • MD5

    98f896438801d11898dcf02fbf1c045d

  • SHA1

    9b2fa272eb0271c038e1607677d83812b7a3a97d

  • SHA256

    c053874637f40ffdd8c2a669120d51c82d9abbddb6d654c261125174dbacf3fa

  • SHA512

    d2e5edb0c759a324624526b251d0a0c89c8739b69314ab354bba44a4b1bf1acef14fd2ba0fc1c8fa8c33704c41f7b0a38fab90a8561c4c762b5dcdfde13a8d58

  • SSDEEP

    3072:l5SVkkgUgXC7AdYzrV+Dljy/32ubwZ/qJ:SUFCkdYzrVolu/J0Z/

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
