General

  • Target

    12cfe9977cd669018236d56c3bbb46139039a8b346e6c6efac04604ef7dee139

  • Size

    140KB

  • Sample

    221201-mbannacf7x

  • MD5

    e05c617916fa14f40f7d2d7252ce58ba

  • SHA1

    92c415f627b3f5fa6d4ccfca5b73ada7ec993e61

  • SHA256

    12cfe9977cd669018236d56c3bbb46139039a8b346e6c6efac04604ef7dee139

  • SHA512

    0c52b9f14e96e3bf01d95076219f6c8337e5bd40cc9bc56f1fd7bc45fe3f2165b5f25325b312ddc88b782f05a8c9d4200f30c5c71ca39c42da4742bfd35172ef

  • SSDEEP

    1536:jLe2G4hiyrKfU0B296MAkgu8cBjFouoGNWAD5v2i9l4hT:OEhiy2fR0UMANYoufIAcySh

Score
8/10

Targets

    • Target

      12cfe9977cd669018236d56c3bbb46139039a8b346e6c6efac04604ef7dee139

    • Adds policy Run key to start application

    • Deletes itself

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
