General

  • Target

    d2ee58bd5ba3eabc196940f2f99f5fcb2e5e4c121327730e00bd80293477545e

  • Size

    785KB

  • Sample

    221128-cz2f6sgh95

  • MD5

    28336ecebea1f0f3a971de3641f8af34

  • SHA1

    95d2bdc91908f478d58f92581a29681c21d2613a

  • SHA256

    d2ee58bd5ba3eabc196940f2f99f5fcb2e5e4c121327730e00bd80293477545e

  • SHA512

    8741d546fd0cad916bbeae330e0c07bf85b57f5cec96f85f404be48877ea521ca1fa9b60101b4392ad76253f844813cdb12dc0823cbc5f159fde879d09a005c9

  • SSDEEP

    6144:5uHOyrG1VVE+IVE2EJuHONrG1VVE+IVE2EJuHONrG1VVE+IVE2EJuHONrG1VVE+S:gOWudwOxudwOxudwOxudtSuut

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
