General

  • Target

    2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121

  • Size

    167KB

  • Sample

    221020-k1rmcsege9

  • MD5

    80a91d94d8da4719e924205c807bb470

  • SHA1

    d1843adbf687b1884ae9b8ba7e5e213ba1a3420f

  • SHA256

    2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121

  • SHA512

    572a6b78fafeecf883380eae2a2e4adfe6c2c52620a0989266da035bd5980c3f91cd07d15b7f18b635f39ac1ddff89b58da85dc37f076f34fdb83f99c2000d4f

  • SSDEEP

    3072:A+xcVA6zP7kJ9tT0LOVpWhJB8UI3AmckWzl+51z4ksrzRRz6EGb03:A+yVA0W9tYL58UIqlCeC

Score
10/10

Targets

    • Target

      2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121

    • Modifies security service

    • Executes dropped EXE

    • Registers COM server for autorun

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
