General

  • Target

    2c8cd657be787c01ad38804d2a8800063bb3659c949b78bd1e7421359d7bb499

  • Size

    193KB

  • Sample

    221106-lcfevsfhcq

  • MD5

    1cbbb50c24c473d38d59adc2982f9fb1

  • SHA1

    ef1ec9c07b572677b861d3b25fbabdd82e8dc09a

  • SHA256

    2c8cd657be787c01ad38804d2a8800063bb3659c949b78bd1e7421359d7bb499

  • SHA512

    ee1dae93623378dcc19175d27f7864e90a52c0baadd4ea170555f10f127a22217da631c526b44ba70e445a7cb8213ad17b59810b662e27b90109fc01b58dec48

  • SSDEEP

    3072:vEbj62ljRh1XdjK7VgGaXHQM1ddi4FJ5Y0zczXgifDM3C093JtYW:mZx1XppXwTalzmgifDMyobYW

Score
8/10

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
