Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

0b1582e704...b4.exe

windows7-x64

10

0b1582e704...b4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b1582e7049e28e0067dd8fcd2ada4636ded5df54ced2505f2852d96a8857cb4

  • Size

    188KB

  • Sample

    221203-zq9graeb46

  • MD5

    076f8351f13f7b87f0770d611b441c2c

  • SHA1

    ce60352c94d720928b66b191bd3f2b6df6f64505

  • SHA256

    0b1582e7049e28e0067dd8fcd2ada4636ded5df54ced2505f2852d96a8857cb4

  • SHA512

    01667becb2906a2000467db6b8af51f086ce0424eb5d5cea73b5f622aaaaf1e14110c841acd304721fda35cb45d70fdcd392a846450e028274f72b4db44c2c78

  • SSDEEP

    1536:VjPzy7rAVb3n3gX72IEJ5NwE4G/a3hd+g/:JPzyXANQX729D4G/aR3

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      0b1582e7049e28e0067dd8fcd2ada4636ded5df54ced2505f2852d96a8857cb4

    • Size

      188KB

    • MD5

      076f8351f13f7b87f0770d611b441c2c

    • SHA1

      ce60352c94d720928b66b191bd3f2b6df6f64505

    • SHA256

      0b1582e7049e28e0067dd8fcd2ada4636ded5df54ced2505f2852d96a8857cb4

    • SHA512

      01667becb2906a2000467db6b8af51f086ce0424eb5d5cea73b5f622aaaaf1e14110c841acd304721fda35cb45d70fdcd392a846450e028274f72b4db44c2c78

    • SSDEEP

      1536:VjPzy7rAVb3n3gX72IEJ5NwE4G/a3hd+g/:JPzyXANQX729D4G/aR3

    Score
    10/10
    evasionpersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks