Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f
-
Size
3.6MB
-
Sample
241018-ekbnbawcjd
-
MD5
7c3b6a7c2de1cc8c037818a6c2dc3ce2
-
SHA1
2a32e017d73cc9af9ae56ac5d68deeb684b8429e
-
SHA256
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f
-
SHA512
bf19b68384a4cea0693412d7dfded2dc9cdb15e1632f538a8c83cc7f4a6b54b29fbeacd01162d9dda0243d6872477a90278a9e6beadf97bd397c9d4318134132
-
SSDEEP
768:m/raHM782f9rvs2Zg5nicskQzTGfxgzh3emu4v/eB4z7VP7LdGSu2HyTAzfMgTAM:m/roM7ZJfUQWgY54vqy
Static task
static1
Behavioral task
behavioral1
Sample
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f
-
Size
3.6MB
-
MD5
7c3b6a7c2de1cc8c037818a6c2dc3ce2
-
SHA1
2a32e017d73cc9af9ae56ac5d68deeb684b8429e
-
SHA256
e0dda239dd4cf24ec7015ecca493eede2dc7eadf0dc70c7b9501bf756f14300f
-
SHA512
bf19b68384a4cea0693412d7dfded2dc9cdb15e1632f538a8c83cc7f4a6b54b29fbeacd01162d9dda0243d6872477a90278a9e6beadf97bd397c9d4318134132
-
SSDEEP
768:m/raHM782f9rvs2Zg5nicskQzTGfxgzh3emu4v/eB4z7VP7LdGSu2HyTAzfMgTAM:m/roM7ZJfUQWgY54vqy
Score10/10-
Modifies visibility of file extensions in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
3