General

  • Target

    690d258f4e9f86ecdc551a268db098c3a3029866f31d96cdc1177c49c6e5f27b

  • Size

    210KB

  • Sample

    221107-h3v2fsgafn

  • MD5

    0da78b6b371fdf8688009e20cf37ceb0

  • SHA1

    380059acac2164b762bb8a042888cea075045780

  • SHA256

    690d258f4e9f86ecdc551a268db098c3a3029866f31d96cdc1177c49c6e5f27b

  • SHA512

    b7e56494c9462aefea4a7cb07c5175a650ae7d5910f120826f32915e478ff9269d3d46999ff44b8bece2ae8cafc71c24f74841d49319cf529c61407ceb2e65ca

  • SSDEEP

    3072:sPUfyo6aRh6CzNiof2HtA2PtLR34PQhVDYwNXKakdyvlJeGhsYa/YWGGXHjf/Rgr:sagCxLf2NA0tK4XDYwNp

Targets

    • Target

      690d258f4e9f86ecdc551a268db098c3a3029866f31d96cdc1177c49c6e5f27b

    • UAC bypass

    • Adds policy Run key to start application

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
