Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

ac31ec788a...4d.exe

windows7-x64

10

ac31ec788a...4d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ac31ec788a1cb0b45a2390101236d28cf2820d7decc7d8c5078ee3f6cb7ccd4d

  • Size

    453KB

  • Sample

    221123-3mgjcaga3w

  • MD5

    4b65e158f455b199d9840c9360806330

  • SHA1

    c990396de5beab412159de930a04c10c102d9dde

  • SHA256

    ac31ec788a1cb0b45a2390101236d28cf2820d7decc7d8c5078ee3f6cb7ccd4d

  • SHA512

    fd645a2176936e73ff28497c75d41d37cc2cf68cd1bb1f07c2f404054ec0b56bf535f25fc672ed158f9fbeebcb7a70610bd5e163476b12ad534f6237b9626012

  • SSDEEP

    12288:E6/DdQHroPTAwpwXQsBPTeoG0HhDtdC2Cp4JSErXDSrX:T7WsPkA8QsBPyoG0HBrC2zJSKDSb

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      ac31ec788a1cb0b45a2390101236d28cf2820d7decc7d8c5078ee3f6cb7ccd4d

    • Size

      453KB

    • MD5

      4b65e158f455b199d9840c9360806330

    • SHA1

      c990396de5beab412159de930a04c10c102d9dde

    • SHA256

      ac31ec788a1cb0b45a2390101236d28cf2820d7decc7d8c5078ee3f6cb7ccd4d

    • SHA512

      fd645a2176936e73ff28497c75d41d37cc2cf68cd1bb1f07c2f404054ec0b56bf535f25fc672ed158f9fbeebcb7a70610bd5e163476b12ad534f6237b9626012

    • SSDEEP

      12288:E6/DdQHroPTAwpwXQsBPTeoG0HhDtdC2Cp4JSErXDSrX:T7WsPkA8QsBPyoG0HBrC2zJSKDSb

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks