General

  • Target

    Debug.rar

  • Size

    1.9MB

  • Sample

    241006-n355baseln

  • MD5

    e063dd2cfad14dc4c00544d58fdc46ae

  • SHA1

    239a736f74b01c5f098743a0c04f9ea8251b4f7f

  • SHA256

    cb6f4fa8f278f1b1089d848ca9e66979e3ce01b75c3fc879dc6e917a0d5cfc4e

  • SHA512

    319982e10b35e0ce78a605149c4c7b5018c83e1e6ba70ebdc904fa9c4334105a876d7a9b8e533cb7edae33eb2a4ab88d3a8873b4b8a84cc5b6f851e9b938c42c

  • SSDEEP

    49152:7wYSIRzOcHCGUT/A+ylGsJ61SptI+TjuFjgu7k/AWA7BHpVZ:7wMhUU+ylRzvvyjNSAWaBJVZ

Score
7/10

Targets

    • Target

      Debug/Guna.UI2.dll

    • Size

      2.1MB

    • MD5

      c97f23b52087cfa97985f784ea83498f

    • SHA1

      d364618bec9cd6f8f5d4c24d3cc0f4c1a8e06b89

    • SHA256

      e658e8a5616245dbe655e194b59f1bb704aaeafbd0925d6eebbe70555a638cdd

    • SHA512

      ecfa83596f99afde9758d1142ff8b510a090cba6f42ba6fda8ca5e0520b658943ad85829a07bf17411e26e58432b74f05356f7eaeb3949a8834faa5de1a4f512

    • SSDEEP

      49152:cvrqKk8q2gqi2OXCt6kuSw9g8PTNTN/23uxjPHEiCAjFcm:cvrqZr

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Target

      Debug/Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    Score
    1/10

    • Target

      Debug/Siticone.UI.dll

    • Size

      1.3MB

    • MD5

      750c58af2e56b6addecffcf152520ab8

    • SHA1

      14995e7f1d12498606d9d209d78d55fe6fd87802

    • SHA256

      27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26

    • SHA512

      2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5

    • SSDEEP

      24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb

    Score
    1/10

    • Target

      Debug/randomimgooey.exe

    • Size

      628KB

    • MD5

      696e624ba6409163bbb26a60aceed608

    • SHA1

      9240eb4d53df335d534e6dbec7016cc439415f88

    • SHA256

      a317209c1db75938b05c69ff70d8098c763e19dcb68bf9dbf7094124a0683b08

    • SHA512

      c87f7b80edcc19aed52e7e90ee7edc24241d76a7dc63b9b14f11d9a067aafd9fedc98dffac84d8370ef6aef82f01e14732878ecd6abf446d23b4f1194e484e9c

    • SSDEEP

      12288:Whv9+c4HNi4kFLXJa83cH0/XxtXJpGU0jMqWLynqq5+MN+L:WiHlMLi0/Xv+9g+51+

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
