General

  • Target

    5cb0cf382f2f2ba5d6d4105a96cddba70cb37b060ec15e4a684a0c5e9ac10307

  • Size

    515KB

  • Sample

    221128-c1qfasha43

  • MD5

    3bce716cd07e8836f2364cf556818a6c

  • SHA1

    d3b0359343c323ac7c37ecc7b994396eda6949a5

  • SHA256

    5cb0cf382f2f2ba5d6d4105a96cddba70cb37b060ec15e4a684a0c5e9ac10307

  • SHA512

    61c81a3e4bc9b8fc4abe67d3201a51810850c137d19c23a539b9cfa3d7fd43f2b8f2227a82b107a091b3ac8c6329fe76f79c45d0ef23fdf7551d6195995ff26e

  • SSDEEP

    12288:gOZeZJys73dOvXDpNjNe8z2eZJys73dOvXDpNjNe8TOB0pa4T:DeZJ8NI8z2eZJ8NI8TOuhT

Score
10/10

Targets

    • Target

      5cb0cf382f2f2ba5d6d4105a96cddba70cb37b060ec15e4a684a0c5e9ac10307

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
