General

  • Target

    ec6e67e3d0b28fc9f7d923a21ec5969b26bc951f2f5da322d1e2d66082f696bb

  • Size

    338KB

  • Sample

    221127-yez89sdd92

  • MD5

    71ab430b0f9896e4d8dc19a8c1b8d49b

  • SHA1

    9bdafdfa0e49980a10fbfde98ea9868ac493d287

  • SHA256

    ec6e67e3d0b28fc9f7d923a21ec5969b26bc951f2f5da322d1e2d66082f696bb

  • SHA512

    ed4ba4303b8940c9b12f1347ffaf62b17bc70fe2ef08dcb5e56821d3e6a63af7c9791ef8522cff7f1852c058d366e266853d651e2eb158a1c66fc2e08f7ce5f1

  • SSDEEP

    6144:5uHOPB/nmy+g4+nmy+g4g/UOPSe570Szp3FK3uYjRmmG/c:gOPB/tUOB00OuD6

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
