Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

e4a6e22f7e...85.exe

windows7-x64

10

e4a6e22f7e...85.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4a6e22f7eb4db0da658063838ed31dfa291031d4f72c607c7c2e4c408702c85

  • Size

    490KB

  • Sample

    221030-y99fesaehq

  • MD5

    a20e245f936c3ccaa839cd02b8c93057

  • SHA1

    feda5e95b3419134e27e68b464b542fb135acdc0

  • SHA256

    e4a6e22f7eb4db0da658063838ed31dfa291031d4f72c607c7c2e4c408702c85

  • SHA512

    f4551f0e7fcc6b3be06ed600801e3f6fbfc0720a441fecbaea21014f2f4cabe854d0c9ca7b5a06af87425876882de3220c709f9c295fd1bf0bc0ccf53893faca

  • SSDEEP

    6144:APOxLfPcvgKVotUkrA4pn9X5E9T85rgSk04VId:A0zKJkrA4pn9X5E9T8VgO46

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      e4a6e22f7eb4db0da658063838ed31dfa291031d4f72c607c7c2e4c408702c85

    • Size

      490KB

    • MD5

      a20e245f936c3ccaa839cd02b8c93057

    • SHA1

      feda5e95b3419134e27e68b464b542fb135acdc0

    • SHA256

      e4a6e22f7eb4db0da658063838ed31dfa291031d4f72c607c7c2e4c408702c85

    • SHA512

      f4551f0e7fcc6b3be06ed600801e3f6fbfc0720a441fecbaea21014f2f4cabe854d0c9ca7b5a06af87425876882de3220c709f9c295fd1bf0bc0ccf53893faca

    • SSDEEP

      6144:APOxLfPcvgKVotUkrA4pn9X5E9T85rgSk04VId:A0zKJkrA4pn9X5E9T8VgO46

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks