Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

3b8558d14b...c6.exe

windows7-x64

10

3b8558d14b...c6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b8558d14b8bec08fe9f9ef78c1fb7c6.exe

  • Size

    8.7MB

  • Sample

    241003-v9en9s1gkh

  • MD5

    3b8558d14b8bec08fe9f9ef78c1fb7c6

  • SHA1

    d8cfe796e8a12b1c46598fe3daee9eb65a3aac0d

  • SHA256

    de7741a1b4e38e18f595621651df024e56db034c692190b5b6115d2b4b1033cb

  • SHA512

    d388d818a770a081b4d2cddfcc66a32f04357afa3905d63929fed9c77d723572436ab2d3efe2f2d3e4fcebb35fce5fd93100f9b31695fbeb5a28c6e49268941c

  • SSDEEP

    24576:XaVPwvlamIBIEurOuSmKAFdrQLY9MyUT/iMWSFHJNzjyfJV5v7KInxhygjsSL:XiPeAVIbSmKAFaWbUTRrzeft+Ixhrj

Score
10/10
discovery

Malware Config

Targets

    • Target

      3b8558d14b8bec08fe9f9ef78c1fb7c6.exe

    • Size

      8.7MB

    • MD5

      3b8558d14b8bec08fe9f9ef78c1fb7c6

    • SHA1

      d8cfe796e8a12b1c46598fe3daee9eb65a3aac0d

    • SHA256

      de7741a1b4e38e18f595621651df024e56db034c692190b5b6115d2b4b1033cb

    • SHA512

      d388d818a770a081b4d2cddfcc66a32f04357afa3905d63929fed9c77d723572436ab2d3efe2f2d3e4fcebb35fce5fd93100f9b31695fbeb5a28c6e49268941c

    • SSDEEP

      24576:XaVPwvlamIBIEurOuSmKAFdrQLY9MyUT/iMWSFHJNzjyfJV5v7KInxhygjsSL:XiPeAVIbSmKAFaWbUTRrzeft+Ixhrj

    Score
    10/10
    discovery

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks