General

  • Target

    e6a4d8b6d7aff9da51b3cecc9a09d9e8034801373c5137a1f53e57eb4bec1e29

  • Size

    699KB

  • Sample

    221029-ct89tshbfn

  • MD5

    a5aa82a4ec9ea85ca1f098c2c76b6fa0

  • SHA1

    20cc4efde66be8362c1725817c7cd56e0f5892e3

  • SHA256

    e6a4d8b6d7aff9da51b3cecc9a09d9e8034801373c5137a1f53e57eb4bec1e29

  • SHA512

    97da9d19e9e11d0cc751fa1b0ef84e1cba829603e1132fb63a5d632ecb52a594974e54e5e74f3a46b3a20a374ddf140244b00c7f9a99d6357dab3efb7d12b5e0

  • SSDEEP

    12288:gOzerQZb+md4w1UXYeZJys73dOvXDpNjNe8mKut:9erQZb+md4wmoeZJ8NI80

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
