Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

75c910ecd6...cf.exe

windows7-x64

10

75c910ecd6...cf.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75c910ecd652474b6decb6ff6d97177c63b0eb824480352fdc3cc589de5cb8cf

  • Size

    181KB

  • Sample

    221201-2p931acg3s

  • MD5

    eac1dd8cef50fcbdb306a83708a12b79

  • SHA1

    a9d6605c0381f21888f99b3d98e2237f790406b4

  • SHA256

    75c910ecd652474b6decb6ff6d97177c63b0eb824480352fdc3cc589de5cb8cf

  • SHA512

    44ff0ae07f788843cee8b5764524ba28450535264ed3918b0bcb703e0173ea606a327eff5007b9a94d0c340e6119fe0bd24b5fd4963ae719858f640e274d47e6

  • SSDEEP

    3072:ZIPGJHlGLODgrXD3zb3iwxchkiZLNEUygL974ybPNueVicYhyK8AuUr/:ZICFGgsXDSK0t/EUy66yjUel0uAu

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      75c910ecd652474b6decb6ff6d97177c63b0eb824480352fdc3cc589de5cb8cf

    • Size

      181KB

    • MD5

      eac1dd8cef50fcbdb306a83708a12b79

    • SHA1

      a9d6605c0381f21888f99b3d98e2237f790406b4

    • SHA256

      75c910ecd652474b6decb6ff6d97177c63b0eb824480352fdc3cc589de5cb8cf

    • SHA512

      44ff0ae07f788843cee8b5764524ba28450535264ed3918b0bcb703e0173ea606a327eff5007b9a94d0c340e6119fe0bd24b5fd4963ae719858f640e274d47e6

    • SSDEEP

      3072:ZIPGJHlGLODgrXD3zb3iwxchkiZLNEUygL974ybPNueVicYhyK8AuUr/:ZICFGgsXDSK0t/EUy66yjUel0uAu

    Score
    10/10
    evasionpersistence

    • Modifies security service

      evasion

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks