General

  • Target

    2e4c2cc02c8072fd09caab54d81fa46f5392957a8332f71c0a1c19055dd1f7e6

  • Size

    246KB

  • Sample

    221107-dbdkwadgb6

  • MD5

    0fc92e2fab6f2a6fd8167349807604d1

  • SHA1

    faeaef226ef472099089656c92f832963d74a809

  • SHA256

    2e4c2cc02c8072fd09caab54d81fa46f5392957a8332f71c0a1c19055dd1f7e6

  • SHA512

    ba68f0312385667d7243aad77809f36f427951ffa3c7f3ffe3396ec806c782ef218c1eb6a5f35ee146e26e36c1a810f0eda0045a16417d5edb4578069b3fe054

  • SSDEEP

    6144:AuMJWY+qaHEQCcYfSBYJbQCjRcqESEgm6Anhc1kG6EmRzx:A+YcUc6SBLLTSEgBAnhc1kGsx

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
