General
-
Target
9543b8f415127162b0ca81a60b23dde0a20a9f0e8114fad36ee8b0d0fa474a68N
-
Size
124KB
-
Sample
241001-a5kphaseqj
-
MD5
f6bbf3bc488b528e5a9dc4cf1377fa00
-
SHA1
6a0fbc3cced9e61ae8765a0ed7b44723915be791
-
SHA256
9543b8f415127162b0ca81a60b23dde0a20a9f0e8114fad36ee8b0d0fa474a68
-
SHA512
cdf9e3cd2c674f7c5e1f1702be3468bdef3da527631be9cb361034cf2a2872672ab86b9f8ced22995ef49c7caa297885081048e10d366d9bf79dc3ae5d249cfb
-
SSDEEP
1536:/ebuEFBx+/67NxkiQixA+alh98r8Y9USv1jyHwo7JaS4:GbuEFT+/67gjH8ri8KwQq
Static task
static1
Behavioral task
behavioral1
Sample
9543b8f415127162b0ca81a60b23dde0a20a9f0e8114fad36ee8b0d0fa474a68N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9543b8f415127162b0ca81a60b23dde0a20a9f0e8114fad36ee8b0d0fa474a68N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9543b8f415127162b0ca81a60b23dde0a20a9f0e8114fad36ee8b0d0fa474a68N
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2