General

  • Target

    36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02

  • Size

    199KB

  • Sample

    221106-k76d4affcq

  • MD5

    2cd6a4970a4be157f3acf3358928b3c0

  • SHA1

    64963623cdd6295df1c886a8d277448561d1d962

  • SHA256

    36b3add1eec474f1eeb6769f238b5e70fce7f6e1409d6c25553595b811d65d02

  • SHA512

    49fc3d6364ef90113b172de933d8f986f95c7315310b5ddf6e55525a9c2e3176a51cdfd97e6bd08ed5563ad918cf575bb45e52f52c5860a8191a5ee87905abff

  • SSDEEP

    3072:B3Hb/JCI5Hh1PR8/+SCSwp0HBSDCfM7OFeBoPM9ArZuih+cUsf:9jwQHrR8/Apm18O8BJ9BihN

Score
8/10

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
