General

  • Target

    accd6b29097b0d9f3df050ebe9f85443dff541391b24381c4c39a4fc8727120d

  • Size

    1.1MB

  • Sample

    221001-ymlqvaeddr

  • MD5

    4c4a1796e61e532a3a9108c705f5b74e

  • SHA1

    2a6bc5c5cdcefac83bd47b58761690bc4dfb4284

  • SHA256

    accd6b29097b0d9f3df050ebe9f85443dff541391b24381c4c39a4fc8727120d

  • SHA512

    024baf100e11ea53af0bf3dec768ced839c1ba9a23c0f66aa0f3c336be63e90c7e8cb4c19a12b4d9381fe971ea886fb1f69ea8ec8d369c2521a779c3b80b93fa

  • SSDEEP

    24576:ubq0z+FMnSJU96SyN+rsbvco1Pc9McNC1Dy4D6N+/GtD9M7SW0LvZkDV:ubx8MSJfT+rsbPK93NSDB+N+QO3NDV

Targets

    • Target

      accd6b29097b0d9f3df050ebe9f85443dff541391b24381c4c39a4fc8727120d

    • Executes dropped EXE

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
