Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

98db34a245...55.exe

windows7-x64

10

98db34a245...55.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98db34a2450a7419418f201f3ab8ccc077dddeeec9f2cf876cad58513b217455

  • Size

    196KB

  • Sample

    221201-a4a4nshh95

  • MD5

    a0610dc14d08c5de2b6f28fb3fa3f8e0

  • SHA1

    b3be0225204ff836a6836f0b680d2858ad2ae689

  • SHA256

    98db34a2450a7419418f201f3ab8ccc077dddeeec9f2cf876cad58513b217455

  • SHA512

    3a05979b90e331e69db02861c91475d18cb6ad980e343121c51f5a2db50be4dd1cc8d821c27cca972a1b2eb29df3d198e728f810f8d258d30f30e827cb0fe83d

  • SSDEEP

    3072:wD5OKVfLiQgMAygzRfytWlaBBdx4UM1t0SMQ9h8Ft2Lf5P59DxRrs+FqT:CP6MpWRfNlSt4UM19jX+IfZUT

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      98db34a2450a7419418f201f3ab8ccc077dddeeec9f2cf876cad58513b217455

    • Size

      196KB

    • MD5

      a0610dc14d08c5de2b6f28fb3fa3f8e0

    • SHA1

      b3be0225204ff836a6836f0b680d2858ad2ae689

    • SHA256

      98db34a2450a7419418f201f3ab8ccc077dddeeec9f2cf876cad58513b217455

    • SHA512

      3a05979b90e331e69db02861c91475d18cb6ad980e343121c51f5a2db50be4dd1cc8d821c27cca972a1b2eb29df3d198e728f810f8d258d30f30e827cb0fe83d

    • SSDEEP

      3072:wD5OKVfLiQgMAygzRfytWlaBBdx4UM1t0SMQ9h8Ft2Lf5P59DxRrs+FqT:CP6MpWRfNlSt4UM19jX+IfZUT

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks