Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7e9327110b30b53856a844d960396565315b14a962f5d81c14313d69722f31c9
-
Size
100KB
-
Sample
221129-h1pfwsbb4v
-
MD5
a14aa9dd650824251d76e93680b21f9f
-
SHA1
5188f0c1d76a563c7ce62d6fd5bee61c36c441bb
-
SHA256
7e9327110b30b53856a844d960396565315b14a962f5d81c14313d69722f31c9
-
SHA512
ed457dcc986dc2ef3dbdc3b3224740c8787d9ab573023f19c5e79d90e246e9a4c18d864b8bd05181c8146067814f91838a5a0bf158b02a733fee2552ba9166cb
-
SSDEEP
1536:WzrbrPyYvY3720LQk+8pTSQVrGcbVQ/BLHpYljq34N/9ANzFqIk8IOigJCXW:ZIG7VyQTSQV6iV+BLuF/9ABk7OfeW
Static task
static1
Behavioral task
behavioral1
Sample
7e9327110b30b53856a844d960396565315b14a962f5d81c14313d69722f31c9.exe
Resource
win7-20221111-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
7e9327110b30b53856a844d960396565315b14a962f5d81c14313d69722f31c9
-
Size
100KB
-
MD5
a14aa9dd650824251d76e93680b21f9f
-
SHA1
5188f0c1d76a563c7ce62d6fd5bee61c36c441bb
-
SHA256
7e9327110b30b53856a844d960396565315b14a962f5d81c14313d69722f31c9
-
SHA512
ed457dcc986dc2ef3dbdc3b3224740c8787d9ab573023f19c5e79d90e246e9a4c18d864b8bd05181c8146067814f91838a5a0bf158b02a733fee2552ba9166cb
-
SSDEEP
1536:WzrbrPyYvY3720LQk+8pTSQVrGcbVQ/BLHpYljq34N/9ANzFqIk8IOigJCXW:ZIG7VyQTSQV6iV+BLuF/9ABk7OfeW
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-