General

  • Target

    bdc77f1ff86f8c1462a0bf514af25885f06b213018056702b1b14e7c76b8913bN

  • Size

    3.0MB

  • Sample

    241009-jgkh9svdkl

  • MD5

    1a8a99c90906c349060944e027fd1550

  • SHA1

    7edb6c08d439c0e581d7a387a2095300061c293a

  • SHA256

    bdc77f1ff86f8c1462a0bf514af25885f06b213018056702b1b14e7c76b8913b

  • SHA512

    846dc680a3d1c7487c3bc69ad07256377e2105b5de876997e0a59b64131324dcbc94a605c99a8bb89434e74c95dedff78bea7be116d41da1eb620bb1a7220497

  • SSDEEP

    49152:9gCh1LGumhuW+5S0z0pEhd/l0mWKp719Qq3yobleQD80gboI5/4X0W0z0pEhd/lc:+CPSpED/ppLh3ScE4X0ypED/pg

Targets

    • Target

      bdc77f1ff86f8c1462a0bf514af25885f06b213018056702b1b14e7c76b8913bN

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
