Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

ded34d75b0...43.exe

windows7-x64

8

ded34d75b0...43.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ded34d75b0240af24a733795142d50dbc55e170f8cceb32de15ce6b074020743

  • Size

    27KB

  • Sample

    221106-tnwvzscghq

  • MD5

    0dd0480764c07b5a1b37891da846f742

  • SHA1

    4973eafff66d8e21a9e4d608a7008f2e08cb42f0

  • SHA256

    ded34d75b0240af24a733795142d50dbc55e170f8cceb32de15ce6b074020743

  • SHA512

    3b253116de19a2af0a8cefb139ce8c526fd46f228e875b6c721fad754f89b703d4d6309e1922382749908c0e4f1f17c347a38b1c6118ffac83e2c82d2d2bc3cd

  • SSDEEP

    384:6H4Gn+N3UPfrdUSNpRPG+gvWqVGsgrjABtajsd63qCZLsKz7QVwbc:VNU3r5LPGlW8gv2cjF3qCZNzcqc

Score
8/10
persistence

Malware Config

Targets

    • Target

      ded34d75b0240af24a733795142d50dbc55e170f8cceb32de15ce6b074020743

    • Size

      27KB

    • MD5

      0dd0480764c07b5a1b37891da846f742

    • SHA1

      4973eafff66d8e21a9e4d608a7008f2e08cb42f0

    • SHA256

      ded34d75b0240af24a733795142d50dbc55e170f8cceb32de15ce6b074020743

    • SHA512

      3b253116de19a2af0a8cefb139ce8c526fd46f228e875b6c721fad754f89b703d4d6309e1922382749908c0e4f1f17c347a38b1c6118ffac83e2c82d2d2bc3cd

    • SSDEEP

      384:6H4Gn+N3UPfrdUSNpRPG+gvWqVGsgrjABtajsd63qCZLsKz7QVwbc:VNU3r5LPGlW8gv2cjF3qCZNzcqc

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Sets file execution options in registry

      persistence

    • Deletes itself

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks