Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

ed5ddb3e23...56.exe

windows7-x64

10

ed5ddb3e23...56.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed5ddb3e232beed6a282ae611354f23f52d19608902cacc2c8603d08f47e4356

  • Size

    112KB

  • Sample

    221019-s3thqsebb5

  • MD5

    a2538c6804d919709078c918c87ac2ac

  • SHA1

    3052c8c6f61269c6d2ce8a4ec70c22be89f5c704

  • SHA256

    ed5ddb3e232beed6a282ae611354f23f52d19608902cacc2c8603d08f47e4356

  • SHA512

    4b55fbac9703bcc74f2f95a7300c03bcdb41a6236a6c1b1eb05e29e81dc14f7ff2eeaaa762763fa739d8d466c0755f0286b8349ff1c44ef003ffe9860df76f05

  • SSDEEP

    3072:zZjurA1K+w7KMuu1F+/jmSkmngV5CvMKT:1V9pj/2+2Ql

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      ed5ddb3e232beed6a282ae611354f23f52d19608902cacc2c8603d08f47e4356

    • Size

      112KB

    • MD5

      a2538c6804d919709078c918c87ac2ac

    • SHA1

      3052c8c6f61269c6d2ce8a4ec70c22be89f5c704

    • SHA256

      ed5ddb3e232beed6a282ae611354f23f52d19608902cacc2c8603d08f47e4356

    • SHA512

      4b55fbac9703bcc74f2f95a7300c03bcdb41a6236a6c1b1eb05e29e81dc14f7ff2eeaaa762763fa739d8d466c0755f0286b8349ff1c44ef003ffe9860df76f05

    • SSDEEP

      3072:zZjurA1K+w7KMuu1F+/jmSkmngV5CvMKT:1V9pj/2+2Ql

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Sets service image path in registry

      persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks