General

  • Target

    827563c552eabaf7a926e0ee854db8fbf854dc91c2094e1a0d24d87ea57255b9

  • Size

    800KB

  • Sample

    221106-tpbw7schbj

  • MD5

    0805d96eb2c3d5122f32d5a822344b00

  • SHA1

    dfdc48badbaf9308b4f39883142e124b419e980a

  • SHA256

    827563c552eabaf7a926e0ee854db8fbf854dc91c2094e1a0d24d87ea57255b9

  • SHA512

    65a6a1a328f31ffb30a23b7e5c904c167b681bd42cb3cffce6b827095984eac57e61c5106f0b601844a5f5dd4d6aea0b0242ca74cb7f2814d9e70e0de8e51076

  • SSDEEP

    6144:PTBcx19YgC8Ukq9NXcHNINzsr5IW4Fxpr7dTHbmdUnmXr3w798r4:PTB09SkkNXKgor5IWk3rkegrO

Score
10/10

Malware Config

Targets

    • Target

      827563c552eabaf7a926e0ee854db8fbf854dc91c2094e1a0d24d87ea57255b9

    • Modifies WinLogon for persistence

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks