General

  • Target

    94c0f585aefffcfb17a9ae892804f849c49e3d0ef8027cb64d15e53d4799f42a

  • Size

    143KB

  • Sample

    241009-3gcm7swhpq

  • MD5

    ade1c69631157fc84a5b2dbf6c4b3dcc

  • SHA1

    386d234d47eb1e09a333b2bccf909303dee8eb5d

  • SHA256

    94c0f585aefffcfb17a9ae892804f849c49e3d0ef8027cb64d15e53d4799f42a

  • SHA512

    2d8ebc9243eae4654587e1cce50777e4e04331bc28c68178e82f8e31cd75080fabe9cbc5376f7702a63911cc325275a8fcac630f3ffaa7dc32f278031e45bcd8

  • SSDEEP

    3072:i1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgO5v1i/NU82OMYcYYamv5b:ci/NjO5YBgegD0PHzSwi/N+O7

Malware Config

Targets

    • Target

      94c0f585aefffcfb17a9ae892804f849c49e3d0ef8027cb64d15e53d4799f42a

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15