General

  • Target

    070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345

  • Size

    10.0MB

  • Sample

    221126-ar7xwahe87

  • MD5

    b8c899ad14a17c09d384ab0407493208

  • SHA1

    e892019fac46cefd25ed561b36d1ea279c023ce6

  • SHA256

    070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345

  • SHA512

    a8ab017191401226344cdf5b62cd3ff38876f0afba3bdde56f8540cf98a91b0a4724b9f968d3b6101e1ae9eb08b49e8373caaf206a775964d3345bfe67489877

  • SSDEEP

    1536:D0uOtMg/ShmxlXLaOkaF/KMGHLatFj3BYReOe7g3lvUlQLD/JpD0umXRe5wMvXmE:DjOtKSXugFQ6Fj8eaV7JhGe5wcXjKe

Score
8/10

Malware Config

Targets

    • Target

      070bc26b289a9c1b596772006af1c241ed0ebfb0fee1c0152157973ef61bb345

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
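The signature list above is the report's summary of sandbox telemetry, not the raw events. As an added example that is not part of the tria.ge report or its detection engine, the following Python reproduces the same classifications over a constructed Procmon-style event log: the registry paths behind the two Run-key signatures (Policies\Explorer\Run versus CurrentVersion\Run), the SYSTEM\MountedDevices read behind "Maps connected drives based on registry", the dropped-file tracking behind "Executes dropped EXE" and "Loads dropped DLL", and the pairing of a process created suspended with a later SetThreadContext on it, which is what makes that API call suspicious (the classic process-hollowing sequence). Every log line, process name and path is constructed; the "VBS compiler" label is assumed to refer to vbc.exe, the .NET Visual Basic command-line compiler, which is a common hollowing target.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed Procmon-style event log (not from the report). Columns:
# process,operation,path,detail
SAMPLE_EVENTS = r"""process,operation,path,detail
sample.exe,CreateFile,C:\Users\user\AppData\Roaming\svc\host.exe,Write
sample.exe,CreateFile,C:\Users\user\AppData\Roaming\svc\helper.dll,Write
sample.exe,RegSetValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\host,C:\Users\user\AppData\Roaming\svc\host.exe
sample.exe,RegSetValue,HKCU\Software\Microsoft\Windows\CurrentVersion\Run\host,C:\Users\user\AppData\Roaming\svc\host.exe
sample.exe,RegQueryValue,HKLM\SYSTEM\MountedDevices\\DosDevices\C:,
sample.exe,ProcessCreate,C:\Users\user\AppData\Roaming\svc\host.exe,
host.exe,LoadImage,C:\Users\user\AppData\Roaming\svc\helper.dll,
host.exe,ProcessCreate,C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe,CREATE_SUSPENDED
host.exe,SetThreadContext,C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe,
"""

# Registry locations that distinguish the two Run-key signatures; the policy
# key is checked first because its path also contains "\Run\".
POLICY_RUN = re.compile(r"\\CurrentVersion\\Policies\\Explorer\\Run\\", re.I)
RUN_KEY = re.compile(r"\\CurrentVersion\\Run\\", re.I)
MOUNTED_DEVICES = re.compile(r"\\SYSTEM\\MountedDevices", re.I)
# Assumption: the report's "VBS compiler" signature keys on vbc.exe.
VBC = re.compile(r"\\vbc\.exe$", re.I)


def parse_events(text):
    """Parse the CSV event log into a list of dicts (one per event)."""
    return list(csv.DictReader(io.StringIO(text)))


def triage(text):
    """Return {signature name: [evidence, ...]} for the behaviours matched."""
    hits = defaultdict(list)
    dropped = set()    # lower-cased paths written by a monitored process
    suspended = set()  # (creating process, child path) created CREATE_SUSPENDED
    for ev in parse_events(text):
        proc, op, path, detail = ev["process"], ev["operation"], ev["path"], ev["detail"]
        low = path.lower()
        if op == "CreateFile" and detail == "Write":
            dropped.add(low)
        elif op == "RegSetValue":
            if POLICY_RUN.search(path):
                hits["Adds policy Run key to start application"].append(f"{path} = {detail}")
            elif RUN_KEY.search(path):
                hits["Adds Run key to start application"].append(f"{path} = {detail}")
        elif op in ("RegQueryValue", "RegOpenKey") and MOUNTED_DEVICES.search(path):
            hits["Maps connected drives based on registry"].append(path)
        elif op == "ProcessCreate":
            if low in dropped:
                hits["Executes dropped EXE"].append(path)
            if VBC.search(path):
                hits["Uses the VBS compiler for execution"].append(f"{proc} -> {path}")
            if "CREATE_SUSPENDED" in detail:
                suspended.add((proc, low))
        elif op == "LoadImage" and low in dropped and low.endswith(".dll"):
            hits["Loads dropped DLL"].append(path)
        elif op == "SetThreadContext" and (proc, low) in suspended:
            # Thread context rewritten in a child the same process created
            # suspended: the entry point is being redirected (hollowing).
            hits["Suspicious use of SetThreadContext"].append(
                f"{proc} -> {path} (created suspended, then context rewritten)")
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in sorted(triage(SAMPLE_EVENTS).items()):
        print(name)
        for line in evidence:
            print("   ", line)
```

Taken alone, a MountedDevices read is common in benign software (installers and backup tools enumerate volumes the same way), and a Run key is legitimate persistence for many applications; it is the combination with dropped binaries, vbc.exe as a child created suspended and the subsequent SetThreadContext that justifies a score of 8/10 rather than any single line.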

MITRE ATT&CK Enterprise v6

Tasks