Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

70da95bde4...3f.exe

windows7-x64

8

70da95bde4...3f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    70da95bde4d981eb2f6ed954ce886e9245893a62e887cc236cd919bc4bb16d3f

  • Size

    120KB

  • Sample

    221028-1rl9aaggb2

  • MD5

    00668f0deb99a2637b16440276129960

  • SHA1

    1418e1115bb3b220537040b46b55e34e2b742054

  • SHA256

    70da95bde4d981eb2f6ed954ce886e9245893a62e887cc236cd919bc4bb16d3f

  • SHA512

    051a534f0415f4780719b2a7e3d453f8becb1b92369eeabd65a8dbe3b8e5bac821e98e253a0f6c5424b4abc6d519425bb2a1f87de2ffbd00dd14d43a53e70b61

  • SSDEEP

    1536:QgAj3mHyqEyyGwk4KTOGHcKhgnPZcHHTuipl/oUY3Fw:ryZyyupOYenPZcn3lgUY

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      70da95bde4d981eb2f6ed954ce886e9245893a62e887cc236cd919bc4bb16d3f

    • Size

      120KB

    • MD5

      00668f0deb99a2637b16440276129960

    • SHA1

      1418e1115bb3b220537040b46b55e34e2b742054

    • SHA256

      70da95bde4d981eb2f6ed954ce886e9245893a62e887cc236cd919bc4bb16d3f

    • SHA512

      051a534f0415f4780719b2a7e3d453f8becb1b92369eeabd65a8dbe3b8e5bac821e98e253a0f6c5424b4abc6d519425bb2a1f87de2ffbd00dd14d43a53e70b61

    • SSDEEP

      1536:QgAj3mHyqEyyGwk4KTOGHcKhgnPZcHHTuipl/oUY3Fw:ryZyyupOYenPZcn3lgUY

    Score
    8/10
    evasionpersistence

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Stops running service(s)

      evasion

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks