General

  • Target

    c11446bf752a29289d345fef384c832d53840dd5cf2d3a136e294c960b72ad16N

  • Size

    1.7MB

  • Sample

    241004-s2yfasweqe

  • MD5

    3827105fb0ee82b61b8e4cd09f1d7630

  • SHA1

    8100d036511f062163ac7a820ecd197e0bd964ce

  • SHA256

    c11446bf752a29289d345fef384c832d53840dd5cf2d3a136e294c960b72ad16

  • SHA512

    74231ab358650cdbd405ce0cdf1a094ab638b886559a7c64f9cc0ff413c1359263dbe1fca91be1c5944d56e58b2070a0c55984446065c6fc628f1f3c61b43d3c

  • SSDEEP

    12288:Y6sg9q8utL6R91NNaUfViptH0D9wvT1xkZTWbq6Pknm2N5kv7Z62J5ugQ8cY47Os:YyG6RGjv7biFpVUM

Targets

    • Target

      c11446bf752a29289d345fef384c832d53840dd5cf2d3a136e294c960b72ad16N

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
