General

  • Target

    a62719f6eba55262c8391d234b0be63fb5f8324c3c2df001fff47eddcaa857a0

  • Size

    228KB

  • Sample

    221106-nsn32shgg6

  • MD5

    07be76977d2328bb386a47779c9e1bc1

  • SHA1

    16a905818f7fde2f9708e4fd0636f956986d8864

  • SHA256

    a62719f6eba55262c8391d234b0be63fb5f8324c3c2df001fff47eddcaa857a0

  • SHA512

    dd1f0a0cef38096c604971cea5b76a1a522bee513f689aa2bc4aa4b2c45413237007b82f9a9018e753470e2a3573304f5adc95e89e636fcd36bce6de7edac2fc

  • SSDEEP

    3072:RJYqAlIg4OrsxE0s3mGLeBdNN+XEB4HH7UIZiu7p9Le3ZqsUM8:Ux4ksiWGLeBZr4nkKLgxUM8

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
