General

  • Target

    6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35

  • Size

    647KB

  • Sample

    221107-t6mp2aadhp

  • MD5

    0b220f8a748fa02e6728cab8a918336e

  • SHA1

    cb0d4c1a190b15eb8514c42ef3068f724eed2715

  • SHA256

    6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35

  • SHA512

    d0716cdb34087828a16b6f4413617016d309198efbbf91a93189c824c03aca527614aa674a1e948acbf5d4f4add36405012d1867e1bb32428a8fbfafb6428cdc

  • SSDEEP

    12288:ecA6SbVi42BFx8dU5pbHy/1fweshYAlB4XPKAkP3:eOSb32H6W5pby69F/39f

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Disables RegEdit via registry modification

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
