General

  • Target

    b921ad3673e52c1e1c0596f75fb8ccf0464bb98838f926f7c975a660188d95b3

  • Size

    313KB

  • Sample

    221107-mzqd1sehap

  • MD5

    20055c8671238163ca143a2929be39f6

  • SHA1

    034b708b06429f36a7952d5e2929f87d6de9134c

  • SHA256

    b921ad3673e52c1e1c0596f75fb8ccf0464bb98838f926f7c975a660188d95b3

  • SHA512

    c8cde8c7153fc6f77b9ff70fc457cc9d2874d526d5a268df9fd6aac7e5c3c32d9358873c2d1c2dd595c0cb970a23b909345d9baa495404a2d43fa8ac855aa9aa

  • SSDEEP

    6144:HpfHJ08j1FY6zj9KjkurnbQtqCg2hh/j6n8aJsdKPGL96eYyjKwpCDih9:ZHJN1FJpKjkuTUta23/Bae5UeYyADiH

Targets

    • Adds policy Run key to start application

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Deletes itself

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
