Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dc0aa34d5b5388887745ffb8c941922a3d801afa324213a5972b02b7136b4cb4.exe
-
Size
32KB
-
Sample
250217-b96yzawles
-
MD5
c2b54a1bff4b796adb7292ea8321115c
-
SHA1
9041c0b256c4206ac2a98c9587db959b6081e4b2
-
SHA256
dc0aa34d5b5388887745ffb8c941922a3d801afa324213a5972b02b7136b4cb4
-
SHA512
37414d0ee31e65593fbaed5a9880c448eec115264511d70e1aae849446da9b1e072f9153d88ea152ca297efe4865aa7335721fc28d803d185062ea4751411a0b
-
SSDEEP
768:QpahIdmVIBW+rv7kIk15oB19mPHXRHrMWNCSGcdH8zevcN:QIhIdmVIBW+z7tB19CR55+CvcN
Malware Config
Targets
-
-
Target
dc0aa34d5b5388887745ffb8c941922a3d801afa324213a5972b02b7136b4cb4.exe
-
Size
32KB
-
MD5
c2b54a1bff4b796adb7292ea8321115c
-
SHA1
9041c0b256c4206ac2a98c9587db959b6081e4b2
-
SHA256
dc0aa34d5b5388887745ffb8c941922a3d801afa324213a5972b02b7136b4cb4
-
SHA512
37414d0ee31e65593fbaed5a9880c448eec115264511d70e1aae849446da9b1e072f9153d88ea152ca297efe4865aa7335721fc28d803d185062ea4751411a0b
-
SSDEEP
768:QpahIdmVIBW+rv7kIk15oB19mPHXRHrMWNCSGcdH8zevcN:QIhIdmVIBW+z7tB19CR55+CvcN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2