Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35
-
Size
647KB
-
Sample
221107-t6mp2aadhp
-
MD5
0b220f8a748fa02e6728cab8a918336e
-
SHA1
cb0d4c1a190b15eb8514c42ef3068f724eed2715
-
SHA256
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35
-
SHA512
d0716cdb34087828a16b6f4413617016d309198efbbf91a93189c824c03aca527614aa674a1e948acbf5d4f4add36405012d1867e1bb32428a8fbfafb6428cdc
-
SSDEEP
12288:ecA6SbVi42BFx8dU5pbHy/1fweshYAlB4XPKAkP3:eOSb32H6W5pby69F/39f
Static task
static1
Behavioral task
behavioral1
Sample
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35
-
Size
647KB
-
MD5
0b220f8a748fa02e6728cab8a918336e
-
SHA1
cb0d4c1a190b15eb8514c42ef3068f724eed2715
-
SHA256
6968b5341c630be4df9cb25c486f4f349374fa094b4e070553ce0bfa5d849e35
-
SHA512
d0716cdb34087828a16b6f4413617016d309198efbbf91a93189c824c03aca527614aa674a1e948acbf5d4f4add36405012d1867e1bb32428a8fbfafb6428cdc
-
SSDEEP
12288:ecA6SbVi42BFx8dU5pbHy/1fweshYAlB4XPKAkP3:eOSb32H6W5pby69F/39f
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-