Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
da0d0e8f44c2bc071bfcf2d7d39be0d79647bf144d6096f2f70cc3a7d4143a78.exe
-
Size
48KB
-
Sample
241122-srw5gstkc1
-
MD5
c137b03e06b77c84fa7230c05ee51e7c
-
SHA1
50f746bf3eda1625b212f84ad2fb276c4960bd64
-
SHA256
da0d0e8f44c2bc071bfcf2d7d39be0d79647bf144d6096f2f70cc3a7d4143a78
-
SHA512
663f5c53ba3cd4ea57defb3fc8f406b145b363bb2f8056f0e3c838eafcbad3d597ee6d9aaf2a3cef7a3fcce8b57d19aa6f5fc2924f4971080424381c81c496b3
-
SSDEEP
768:q7GN0XTTPVqKKKKKKKKKKKKKKKKKKKKKKKKnKKKKKKo1QeGTwK0NHXsH6bJCYhx1:q7t/OHTwKqWAxcpvcqu74+JT
Malware Config
Targets
-
-
Target
da0d0e8f44c2bc071bfcf2d7d39be0d79647bf144d6096f2f70cc3a7d4143a78.exe
-
Size
48KB
-
MD5
c137b03e06b77c84fa7230c05ee51e7c
-
SHA1
50f746bf3eda1625b212f84ad2fb276c4960bd64
-
SHA256
da0d0e8f44c2bc071bfcf2d7d39be0d79647bf144d6096f2f70cc3a7d4143a78
-
SHA512
663f5c53ba3cd4ea57defb3fc8f406b145b363bb2f8056f0e3c838eafcbad3d597ee6d9aaf2a3cef7a3fcce8b57d19aa6f5fc2924f4971080424381c81c496b3
-
SSDEEP
768:q7GN0XTTPVqKKKKKKKKKKKKKKKKKKKKKKKKnKKKKKKo1QeGTwK0NHXsH6bJCYhx1:q7t/OHTwKqWAxcpvcqu74+JT
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2