General

  • Target

    ef7dc1b61660664619d49a55e3c40b02ef4a23d7e1e3ecd33b0fcf0ad4a90da1

  • Size

    216KB

  • Sample

    221106-hra7xabddn

  • MD5

    11bda24cc4e19c541920134e51876ab8

  • SHA1

    4f2074f4c937b18f4585bab49a5bbdad38f1e9a8

  • SHA256

    ef7dc1b61660664619d49a55e3c40b02ef4a23d7e1e3ecd33b0fcf0ad4a90da1

  • SHA512

    d65a8be196d0136647ee774fa0ee18c274e74c40736a7e42f61d37401b8e2ca6c7fee93249a9d0e54b23fc43d3da557052594c1a2c0c50c73742a1fc0c9f6e52

  • SSDEEP

    6144:wVPZ5XI8NKUPuwyvFz/rIwwBrHghSbGq:OPZ5Y84UWJruBrAhS

Score
10/10

Targets

    Score
    10/10
    • Modifies security service

    • Executes dropped EXE

    • Registers COM server for autorun

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
