General
Target: 0b84008fd4237fdd2a952ba968aec2b0e429801cbab4a016ee32db6e4eeb283bN
Size: 1.8MB
Sample: 241010-fv24payanc
MD5: 8ae84d125b4d3cca4b310a9f519747a0
SHA1: 9f28f6eecb9ce84bd918f22c9af5f6e102ef6e57
SHA256: 0b84008fd4237fdd2a952ba968aec2b0e429801cbab4a016ee32db6e4eeb283b
SHA512: 15268db416f0bcc2512f7f62d95903ea559f8e2fe697adcfc05067a03453d1b3c748040882010ed565bda1ee6f2fad92c1c24a88c369ed81ccfc776236f40d49
SSDEEP: 24576:bMbXdVtTj2i64T+jdxQCfgOFD3WSwd2QtBBw6xxhVxQtmibjOhZaiRu/4oMaop0P:bMhbTChxKCnFnQXBbrtgb/iQvu0UHOaE
Static task: static1
Behavioral task: behavioral1
Sample: 0b84008fd4237fdd2a952ba968aec2b0e429801cbab4a016ee32db6e4eeb283bN.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0b84008fd4237fdd2a952ba968aec2b0e429801cbab4a016ee32db6e4eeb283bN.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Score: 10/10
Modifies visibility of file extensions in Explorer
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 2
Hidden Files and Directories: 2
Modify Registry: 3