Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

b88370eca8...2d.exe

windows7-x64

10

b88370eca8...2d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b88370eca80f18c18d05b1fb29f1b2d9d5be7e6faeaaf6b974979b7be5c6562d

  • Size

    2.2MB

  • Sample

    221106-1lwwjafahl

  • MD5

    07dc8bcc1e2e6fb01289eec6c1fe48e8

  • SHA1

    a6d08e7261a007e78b70080e0c56a74e45d81eb4

  • SHA256

    b88370eca80f18c18d05b1fb29f1b2d9d5be7e6faeaaf6b974979b7be5c6562d

  • SHA512

    024f7570673ad0eecc7ab56efc0dc29482b4a042ab177dc6d554511b5339ce8015ef63ee358ca632d02dc34df86cb2a9f43dacbf8c17391a13ceae7a797bfcf8

  • SSDEEP

    24576:ZMMpXS0hN0V0H5JfGMMTDVaNhi5k5nuYr4HZyKtNN:Kwi0L0q7GMMTDVaNhkk5nujZyKtNN

Score
10/10
aspackv2persistence

Malware Config

Targets

    • Target

      b88370eca80f18c18d05b1fb29f1b2d9d5be7e6faeaaf6b974979b7be5c6562d

    • Size

      2.2MB

    • MD5

      07dc8bcc1e2e6fb01289eec6c1fe48e8

    • SHA1

      a6d08e7261a007e78b70080e0c56a74e45d81eb4

    • SHA256

      b88370eca80f18c18d05b1fb29f1b2d9d5be7e6faeaaf6b974979b7be5c6562d

    • SHA512

      024f7570673ad0eecc7ab56efc0dc29482b4a042ab177dc6d554511b5339ce8015ef63ee358ca632d02dc34df86cb2a9f43dacbf8c17391a13ceae7a797bfcf8

    • SSDEEP

      24576:ZMMpXS0hN0V0H5JfGMMTDVaNhi5k5nuYr4HZyKtNN:Kwi0L0q7GMMTDVaNhkk5nujZyKtNN

    Score
    10/10
    aspackv2persistence

    • Modifies WinLogon for persistence

      persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks