General

  • Target

    07adf47c0c7a35ecfd5e51555f6b66ae7a4d794f88548c43e09a81cae961a8bd

  • Size

    655KB

  • Sample

    221201-g1fnbabg23

  • MD5

    50bce9ba70d6529eb7a26ede8d584950

  • SHA1

    3929bc52d33e6182b6f6e99e83949ea84987d1c0

  • SHA256

    07adf47c0c7a35ecfd5e51555f6b66ae7a4d794f88548c43e09a81cae961a8bd

  • SHA512

    ab25cc25fdb4ae227b16278138842b8616cf61e7fe4c72614afcb48f77bfe61ea547b564e25987d8a7896a9968b14909f60d46095d5446594a21504a862db858

  • SSDEEP

    1536:1BQZjlDtdDkM0ncL79l1wUEkWLj3uWHmdmLoys5IJ+I7KyALeoIk0lYUTPj68:eJtdYEf9REkwjjSQs5IUI7GCoI/lLn

Targets

    • Target

      07adf47c0c7a35ecfd5e51555f6b66ae7a4d794f88548c43e09a81cae961a8bd

    • Adds policy Run key to start application

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Deletes itself

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
