General

  • Target

    bd68fc985b4909b2bd203be78325ea724a50b7d6b02e5453a6fdbd3923d6ea17N

  • Size

    468KB

  • Sample

    241001-ch6dssvhrk

  • MD5

    fd2076f544be805bca9f4b3825ba0e10

  • SHA1

    c7a79ebb429cf1f30b49b87f21cc69b86b1e7d4f

  • SHA256

    bd68fc985b4909b2bd203be78325ea724a50b7d6b02e5453a6fdbd3923d6ea17

  • SHA512

    bbf7608d8454f15c823757a7d3e3db686bdc61cd2b512342bcc391b2c19ad80008deb5eada4c5a309daa3a5866202a5879cfbaca6d4ec4e08d70c32a7a567f5d

  • SSDEEP

    12288:yhClC8WGvjPJYo4yV2UoWUOAhY6fUHcxRNq93LZrS:TNQHY1

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
