General

  • Target

    cf9e8537bc8d23e05f9899f00d8d5380969bfb135afc672bdd72c0c215bc1ed6

  • Size

    194KB

  • Sample

    221121-nk3lgacb41

  • MD5

    3b2733f12a4f58a00300049b4d2de5b6

  • SHA1

    195d6e02e684f59bc56d669fa1f75018d3027dad

  • SHA256

    cf9e8537bc8d23e05f9899f00d8d5380969bfb135afc672bdd72c0c215bc1ed6

  • SHA512

    b738156919ca3488b1edac7e4a1849e60d5f959aece6966e13b9b9d5778a1446256120f943e844a0064c61892331dc560c48a6401db26adeb70ba70981951f50

  • SSDEEP

    6144:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HW1kyApwk:ZMMpXKb0hNGh1kG0HWnA+k

Score
10/10

Targets

    • Target

      cf9e8537bc8d23e05f9899f00d8d5380969bfb135afc672bdd72c0c215bc1ed6

    • Modifies WinLogon for persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
