General

  • Target

    c6876d2c3be1bb9eecd5900202ce9de8858fb991809457dc1de6b08ec06fbd8b

  • Size

    363KB

  • Sample

    221127-yfk6qshd5y

  • MD5

    c18124c2c99b5818ab053ded0cf2a41d

  • SHA1

    42411812a29c998aa3dec641051f615dbac971ce

  • SHA256

    c6876d2c3be1bb9eecd5900202ce9de8858fb991809457dc1de6b08ec06fbd8b

  • SHA512

    b528f7220569ca4d415e1b3fd2a9a51f4e26b97b7c4dafa18d83c34ef878248ae911080a094f439c5fc82879a207f2c82a10238d2a7f6360861364ecb7c4f0a2

  • SSDEEP

    3072:TdVd2Hayox1aMrpN9rtVnmywjg48RZ00RZ00RZ00BdVd2Hayox1aMrpN9rtVnmy0:5uHOJnmy+g4uuHOJnmy+g4P

Score
10/10

Targets

    • Target

      c6876d2c3be1bb9eecd5900202ce9de8858fb991809457dc1de6b08ec06fbd8b

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
