Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    db8deaaefee1927cc7237e8ca9d28f3721336d105253d9858fd0e247261fc067

  • Size

    47KB

  • Sample

    221002-hexkdaccg7

  • MD5

    63f83e10075b4c8c5d77439d0db62cd1

  • SHA1

    9142c668c3d48a54af8b5f3cf89e7db5a538c068

  • SHA256

    db8deaaefee1927cc7237e8ca9d28f3721336d105253d9858fd0e247261fc067

  • SHA512

    aa1a64656ed9e4ab9c0ab572fd9edcf40cce6e6fa3f726778b1cf4dc702aab9a1673b34653f808b3b394edfd364e377012566d0abd4cf7535db334e56370af62

  • SSDEEP

    768:p6XSLKmEo9lxZERGo2alk32BwTDAHzA6oGJ69Lj:pWWEov2pIj

Malware Config

Targets

    • Target

      db8deaaefee1927cc7237e8ca9d28f3721336d105253d9858fd0e247261fc067

    • Size

      47KB

    • MD5

      63f83e10075b4c8c5d77439d0db62cd1

    • SHA1

      9142c668c3d48a54af8b5f3cf89e7db5a538c068

    • SHA256

      db8deaaefee1927cc7237e8ca9d28f3721336d105253d9858fd0e247261fc067

    • SHA512

      aa1a64656ed9e4ab9c0ab572fd9edcf40cce6e6fa3f726778b1cf4dc702aab9a1673b34653f808b3b394edfd364e377012566d0abd4cf7535db334e56370af62

    • SSDEEP

      768:p6XSLKmEo9lxZERGo2alk32BwTDAHzA6oGJ69Lj:pWWEov2pIj

    • Modifies security service

    • Modifies system executable filetype association

    • Modifies visiblity of hidden/system files in Explorer

    • UAC bypass

    • Windows security bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks