Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

5

b9ec677efc...c4.exe

windows7-x64

7

b9ec677efc...c4.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b9ec677efc791e6c4b84b1b5add11bff1a02f7979a644d8b5f066f3758acd2c4

  • Size

    2.5MB

  • Sample

    240930-cbex9swcme

  • MD5

    dea2b172855474242e3607e18f7eb659

  • SHA1

    ce440d756e0bfe5593462d1a4b0c9f818d1f3623

  • SHA256

    b9ec677efc791e6c4b84b1b5add11bff1a02f7979a644d8b5f066f3758acd2c4

  • SHA512

    42652c9dce689f9e2227651583cedb49dbe67c2c6845703ed35e1e8e502999ff7f1ff959ab7ef6b9ea0a8152a4539ae6b848e8aef4a88e6a9dca0d9c4f3b7e81

  • SSDEEP

    49152:V6i0cnlHeRrlG4g5ec8IBvKvYJC623msvD/DX+y4onCYDj:kPclHeRrlG4g5ea1g62WsvD/D+donCYn

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      b9ec677efc791e6c4b84b1b5add11bff1a02f7979a644d8b5f066f3758acd2c4

    • Size

      2.5MB

    • MD5

      dea2b172855474242e3607e18f7eb659

    • SHA1

      ce440d756e0bfe5593462d1a4b0c9f818d1f3623

    • SHA256

      b9ec677efc791e6c4b84b1b5add11bff1a02f7979a644d8b5f066f3758acd2c4

    • SHA512

      42652c9dce689f9e2227651583cedb49dbe67c2c6845703ed35e1e8e502999ff7f1ff959ab7ef6b9ea0a8152a4539ae6b848e8aef4a88e6a9dca0d9c4f3b7e81

    • SSDEEP

      49152:V6i0cnlHeRrlG4g5ec8IBvKvYJC623msvD/DX+y4onCYDj:kPclHeRrlG4g5ea1g62WsvD/D+donCYn

    Score
    7/10
    discoverypersistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks