General

  • Target

    98be576dc7ce9eb45afd0577f23f114443ae330f01e2e785a124222e31991373N

  • Size

    1.6MB

  • Sample

    241009-hqhkla1crp

  • MD5

    8f91c3f4c277d9a38aca9a6575248900

  • SHA1

    f208eaa6c166713230a92bb4cbcc8d45934eca79

  • SHA256

    98be576dc7ce9eb45afd0577f23f114443ae330f01e2e785a124222e31991373

  • SHA512

    cb1f89adb036e5b84095553ee512f64b6be1f37cd0f9ed9b9b5f10ab88d561d30332308ca89525e471df66a32bbbfc4572d75ac5dd9d4f5ac1df19dd74074bb1

  • SSDEEP

    12288:avk//qKF76/OXpqSjnTf0clY9uWC+RMpk1OC7HmrWcmbQC5onsYiY:h1zltpu0iY

Targets

    • Target

      98be576dc7ce9eb45afd0577f23f114443ae330f01e2e785a124222e31991373N

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
