General
Target: a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8
Size: 186KB
Sample: 221011-althasfch2
MD5: 6fc7d46bf78a5dea96c7fdc9d5456743
SHA1: 0ae6ca13828c488ac0546af3a21d5160b9619a58
SHA256: a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8
SHA512: 2c5f3495bc7d4d52170fafbb58646ff32357bd7158c8e3ec9779e2b4408468e91992a07f6112f1a3c0fb84c8d51dca65a1fbbc2479893233db4de607fdc7336d
SSDEEP: 3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJo:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWa
Behavioral task: behavioral1
Sample: a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: a674e4d991daf4bd597c94ede8b34237f7887a9a6187acbdb3bb0f63f3500af8
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory