General

  • Target

    a3ca0890a2fdc57ff8d414fc374575320641c5e1c70fbc53a54b4417b0b02bf0

  • Size

    294KB

  • Sample

    221129-ep9qxagf7t

  • MD5

    f45c5aeae6229b81ee5f94d42d4e5b44

  • SHA1

    38a957d797bb88d5a65088744a8e0abb3fc29508

  • SHA256

    a3ca0890a2fdc57ff8d414fc374575320641c5e1c70fbc53a54b4417b0b02bf0

  • SHA512

    6596aa21f69b1c06490d0fb899f4eea59561e23642109f200024dae220e18e1f7d4de8b2ac5ee5c67ba7bfe6cc6c11de5b23563915c86f92b58afdd3bf6b42f8

  • SSDEEP

    6144:k6G9HGWgugnhFCCV15wS71PUcjSse2g9X+muCThb7xwc62tByfntT9PoKtICvZZv:k6AmWNg3CCV1qS719bggzWhbJj8RoKlL

Targets

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
