Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8

  • Size

    186KB

  • Sample

    221011-althasfch2

  • MD5

    6fc7d46bf78a5dea96c7fdc9d5456743

  • SHA1

    0ae6ca13828c488ac0546af3a21d5160b9619a58

  • SHA256

    a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8

  • SHA512

    2c5f3495bc7d4d52170fafbb58646ff32357bd7158c8e3ec9779e2b4408468e91992a07f6112f1a3c0fb84c8d51dca65a1fbbc2479893233db4de607fdc7336d

  • SSDEEP

    3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJo:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWa

Score
10/10

Malware Config

Targets

    • Target

      a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8

    • Size

      186KB

    • MD5

      6fc7d46bf78a5dea96c7fdc9d5456743

    • SHA1

      0ae6ca13828c488ac0546af3a21d5160b9619a58

    • SHA256

      a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8

    • SHA512

      2c5f3495bc7d4d52170fafbb58646ff32357bd7158c8e3ec9779e2b4408468e91992a07f6112f1a3c0fb84c8d51dca65a1fbbc2479893233db4de607fdc7336d

    • SSDEEP

      3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJo:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWa

    Score
    10/10
    • Modifies WinLogon for persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks