Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5c266669fa...01.exe

windows7-x64

10

5c266669fa...01.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001

  • Size

    182KB

  • Sample

    221201-3kwv9afe7v

  • MD5

    b2f9c4d7a56ba2010ce7df5095cd2b88

  • SHA1

    7fee93691e62a57a8bf31ab4e09ef7770af3bd27

  • SHA256

    5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001

  • SHA512

    5b4d59252ed4d0c39fcbe571d538ce44b90d9fefe7f7948f25afc23717ad7e32b190d51744e63ecbc77d15e685ddd58ab9f6873396a449f2dabcf0d46bd22a53

  • SSDEEP

    3072:iSexSO8y/9VZ92PMcTaeV11n722A8J3DtVpXsjRmTdkCV6g166lRgeMTALTpDdgl:ix9Z/9EP3tV72ITtrTWe6gpTC5

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001

    • Size

      182KB

    • MD5

      b2f9c4d7a56ba2010ce7df5095cd2b88

    • SHA1

      7fee93691e62a57a8bf31ab4e09ef7770af3bd27

    • SHA256

      5c266669faa0f6f4469002fefaab7d622863234b59f391c67f157b391ec2f001

    • SHA512

      5b4d59252ed4d0c39fcbe571d538ce44b90d9fefe7f7948f25afc23717ad7e32b190d51744e63ecbc77d15e685ddd58ab9f6873396a449f2dabcf0d46bd22a53

    • SSDEEP

      3072:iSexSO8y/9VZ92PMcTaeV11n722A8J3DtVpXsjRmTdkCV6g166lRgeMTALTpDdgl:ix9Z/9EP3tV72ITtrTWe6gpTC5

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks