General

  • Target

    0f82e7f3277a2304e92d43bef14210bcb039f111c35b5672d130f7ceae80cb97

  • Size

    509KB

  • Sample

    221020-hvm1waafbk

  • MD5

    799272d844e730a754dcb56381f695d0

  • SHA1

    7bb287e07fd8cc5248a90984dfcbc46f331c3062

  • SHA256

    0f82e7f3277a2304e92d43bef14210bcb039f111c35b5672d130f7ceae80cb97

  • SHA512

    3559053d05ccb227c305d6f82cc23b22426a0338a079cdca7c5814179c2e8c04ead778f35f91d5e1ca32bedc82bd5123b7edbb83f585673d35154881a6df3bee

  • SSDEEP

    12288:jgDhdkq5BCoC5LfWSLTUQpr2Zu19Qm7zN:jgDhdkMRWfLTUO2Zu1um7zN

Score
10/10

Targets

    • Target

      0f82e7f3277a2304e92d43bef14210bcb039f111c35b5672d130f7ceae80cb97

    Score
    10/10
    • Modifies WinLogon for persistence

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
