General

  • Target

    b5ff177f3a727f52634595d6cbe71ef21da068386eeaf2d9971f4bfb4c78e80f

  • Size

    325KB

  • Sample

    221201-xpsfqsed61

  • MD5

    4154cb1420649fbb8d236a998e6381b6

  • SHA1

    80b08511710e757a073a5879f33d7c1748c2afbd

  • SHA256

    b5ff177f3a727f52634595d6cbe71ef21da068386eeaf2d9971f4bfb4c78e80f

  • SHA512

    a9f9e31f79eae5215ccdb81103a3e60c1ad5643a5637259423270f8432903f7e8ad8b2982616886d9a798e6b58e2a4550c3173f3337df0a4df0ce745af3caf25

  • SSDEEP

    6144:YRjDlYcQunzWY/bnpof88WHt55i+Y539Cnu/bzFp5:Y07ubnGYHt553Y5Yu/b5/

Score
10/10

Targets

    • Target

      b5ff177f3a727f52634595d6cbe71ef21da068386eeaf2d9971f4bfb4c78e80f

    Score
    10/10
    • Modifies firewall policy service

    • Modifies security service

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
