General

  • Target

    87bde230cf0f93c929dcd8f88647569533dca82e18c9132d0234611970eca6ae

  • Size

    862KB

  • Sample

    221127-ej4mpscb8y

  • MD5

    37b4670ed6e57f7d56657ed08576bf66

  • SHA1

    db1e64c0f774ab82db0921dbcaf2a8e753b6a4cf

  • SHA256

    87bde230cf0f93c929dcd8f88647569533dca82e18c9132d0234611970eca6ae

  • SHA512

    c30d0290dd026e2d6c278f087b920e2c69a498101f54d624f2372a647751c095e7c804a6f989a91efbe6d9e9f72a729f2d281dc6323ab2f5b7e28f29ba7d56ef

  • SSDEEP

    6144:5uHOinmy+g4yuHOinmy+g4KuHOSnmy+g4yuHOinmy+g4KuHOSnmy+g4yzE2E4:gOiGOiWOSGOiWOS64

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
