General

  • Target

    dc154690af2797f3ef92f860c4deb7aecde24af6c31cf74435b8a5b0e1618c63

  • Size

    294KB

  • Sample

    221019-1ddpzshea9

  • MD5

    91045333f53d3f0de734d2125cea4adc

  • SHA1

    10c4186201be8b9935ab6a65907e4c36f1e1bac2

  • SHA256

    dc154690af2797f3ef92f860c4deb7aecde24af6c31cf74435b8a5b0e1618c63

  • SHA512

    28f0ceb68bdb116f08d79a950980ba88d8e311755c4f62b0ddd821449d4ae887790f7b24408790e9cab79d66a5548e484af4a9b65f8811ac6d4f5654f09c90bb

  • SSDEEP

    3072:3AHaEWRQgt268R0qI59sY9dLvEnj5bJApXtQp8ikQwIerUzg/kz7GtQ6Qv6eZiIn:gaQmRM5WIMgg8L6svZ58egcS

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Modifies security service

    • Sets service image path in registry

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks