General

  • Target

    a8a463a7efb17849ae3a8ba0b3a9652ecc0bf8977a16ca1b6dc0ca1aa077c1fe

  • Size

    164KB

  • Sample

    221130-3qkp6sfc33

  • MD5

    16217888a5b9d3c1d118cc0ae0ea2e00

  • SHA1

    5b2618b99d256e35c87cbffa81dfbb3f54ded978

  • SHA256

    a8a463a7efb17849ae3a8ba0b3a9652ecc0bf8977a16ca1b6dc0ca1aa077c1fe

  • SHA512

    9dbea0f98d0ff7fdfb5cce6720adec1b85ab16f58881dfb5a79f6784b4392a1a1caaf371311f617cf2076806dc5bef89eeade2527865e1505f63abb4a6f6cfd1

  • SSDEEP

    1536:oz3McnjKk9gil9Lo/wjkHKQASMdzJaGAfXuUVjbzbL/:WJrdcwQHVAS4zRaXuQvf

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • Suspicious use of SetThreadContext
