General
-
Target
e347851e2525120229f833d52df8a407e6b31ab8f0c5fdd4baa232d3a15a69b9N
-
Size
232KB
-
Sample
241002-cjs5vswajc
-
MD5
ffcb0b44e717e3d1755e3e915f10cd80
-
SHA1
7dfc08d5bca4a7550a7c42fdae63d71b6c3166b2
-
SHA256
e347851e2525120229f833d52df8a407e6b31ab8f0c5fdd4baa232d3a15a69b9
-
SHA512
0a625159c08575d51c84e8f0473aabb93057087ed55b691292f111e66fd0864e580e9d21098a6c846a07e65a189a5e71e7ba1be5a8ccd7551ea1a5e1fe26e535
-
SSDEEP
6144:Uyb3PFKs78vpRTlEqxF6snji81RUinKbLta:rPhpI
Static task
static1
Behavioral task
behavioral1
Sample
e347851e2525120229f833d52df8a407e6b31ab8f0c5fdd4baa232d3a15a69b9N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e347851e2525120229f833d52df8a407e6b31ab8f0c5fdd4baa232d3a15a69b9N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
e347851e2525120229f833d52df8a407e6b31ab8f0c5fdd4baa232d3a15a69b9N
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)