Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

95f0dd8e57...aN.exe

windows7-x64

10

95f0dd8e57...aN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    95f0dd8e57251dae192a6297c5ceabaec88735962954084c2f68e58e0a4b788aN

  • Size

    353KB

  • Sample

    241001-xl3gjavgqm

  • MD5

    a6a41a4f8302e72a074e8f688715b460

  • SHA1

    02f31f2a7868de9670e3eab243e541fd99917cf7

  • SHA256

    95f0dd8e57251dae192a6297c5ceabaec88735962954084c2f68e58e0a4b788a

  • SHA512

    01b0d3db94c5e34efe86adc77a8daa1fff6db97bde2b1a2d72be768f347be672d383de25f4065ac0e7effe1ff929ddffaf182491612fcab17923f67880715cee

  • SSDEEP

    6144:YeC4EwZFoobUk8qp0qpgogZfpjkNY8UKw:8fhuLwflk7Ub

Score
10/10
evasionexecutiontrojan

Malware Config

Targets

    • Target

      95f0dd8e57251dae192a6297c5ceabaec88735962954084c2f68e58e0a4b788aN

    • Size

      353KB

    • MD5

      a6a41a4f8302e72a074e8f688715b460

    • SHA1

      02f31f2a7868de9670e3eab243e541fd99917cf7

    • SHA256

      95f0dd8e57251dae192a6297c5ceabaec88735962954084c2f68e58e0a4b788a

    • SHA512

      01b0d3db94c5e34efe86adc77a8daa1fff6db97bde2b1a2d72be768f347be672d383de25f4065ac0e7effe1ff929ddffaf182491612fcab17923f67880715cee

    • SSDEEP

      6144:YeC4EwZFoobUk8qp0qpgogZfpjkNY8UKw:8fhuLwflk7Ub

    Score
    10/10
    evasionexecutiontrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Stops running service(s)

      evasionexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks