General

  • Target

    e32cee32c8e79635235b3b23052782a8552b057bd18e989702f753b0d48de035

  • Size

    1.4MB

  • Sample

    221204-adbmhsdb8s

  • MD5

    bef495809e1dd90ff241a27015ae59e0

  • SHA1

    14f7157b558fb918f32d200b688c20b9b8b60225

  • SHA256

    e32cee32c8e79635235b3b23052782a8552b057bd18e989702f753b0d48de035

  • SHA512

    e676610d18873332c2262d1bc0ad84fdc08fd777f28c11ebb99e3137e1977071fdb97a0e1fe89dba084fd0ceae66410152462477a860026a3e9c3b836a5cd3ae

  • SSDEEP

    24576:n7/iW4aTva1MpL78F9qBhAo2ODgNEBOvVf7wj7+a6B51zY7tpstbQTSD9x:nLiMTlA4BAOEEwsj7aB/zqSbQ2
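Before spending analysis time on a locally obtained copy, confirm it is the file this report describes. The following is an added example, not part of the Triage report: it recomputes the digests listed above with Get-FileHash and compares them, with a coarse size check (the report rounds to one decimal MB). The sample path is an assumed location.

```powershell
# Added example, not part of the Triage report. $SamplePath is an assumed
# location; the expected digests are the ones from the General section.

$Expected = @{
    MD5    = 'bef495809e1dd90ff241a27015ae59e0'
    SHA1   = '14f7157b558fb918f32d200b688c20b9b8b60225'
    SHA256 = 'e32cee32c8e79635235b3b23052782a8552b057bd18e989702f753b0d48de035'
    SHA512 = 'e676610d18873332c2262d1bc0ad84fdc08fd777f28c11ebb99e3137e1977071fdb97a0e1fe89dba084fd0ceae66410152462477a860026a3e9c3b836a5cd3ae'
}

function Test-SampleIdentity {
    param(
        [Parameter(Mandatory)][string]$SamplePath,
        [Parameter(Mandatory)][hashtable]$Expected
    )
    # Size first: the report only gives "1.4MB", so this is a rounded comparison.
    $bytes = (Get-Item -LiteralPath $SamplePath).Length
    [pscustomobject]@{ Check = 'Size'; Match = ([math]::Round($bytes / 1MB, 1) -eq 1.4); Actual = "$bytes bytes" }

    foreach ($alg in 'MD5', 'SHA1', 'SHA256', 'SHA512') {
        # Get-FileHash returns upper-case hex; -eq on strings is case-insensitive.
        $actual = (Get-FileHash -LiteralPath $SamplePath -Algorithm $alg).Hash
        [pscustomobject]@{ Check = $alg; Match = ($actual -eq $Expected[$alg]); Actual = $actual.ToLower() }
    }
    # SSDEEP is not a Get-FileHash algorithm; use the ssdeep tool when you need
    # to match the fuzzy hash against variants of the sample.
}

$results = Test-SampleIdentity -SamplePath 'C:\samples\e32cee32.bin' -Expected $Expected
$results | Format-Table -AutoSize
if ($results.Match -contains $false) { Write-Warning 'File does not match the report' }
```

A SHA256 mismatch alone is conclusive; the MD5 and SHA1 values are kept because many feeds and older tooling still index samples by them.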

Targets

    • Target

      e32cee32c8e79635235b3b23052782a8552b057bd18e989702f753b0d48de035

    • Modifies WinLogon for persistence

      The Winlogon Shell and Userinit values are executed at every interactive logon, so replacing or appending to them is a common way to survive a reboot.

    • Modifies visibility of hidden/system files in Explorer

      Typically the Hidden and ShowSuperHidden settings under the user's Explorer\Advanced key are changed so that dropped files stay out of sight.

    • UAC bypass

    • Checks BIOS information in registry

      BIOS strings are often read in order to detect sandboxing or virtual machine environments, whose vendor names show up in the BIOS version values.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment; its presence is revealed by the Software\Wine key.

    • Adds Run key to start application

      Entries under Software\Microsoft\Windows\CurrentVersion\Run are launched at logon.

    • Checks whether UAC is enabled

      Usually done by reading EnableLUA from the system policy key before deciding whether an elevation bypass is needed.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer; they are registered by CLSID under Explorer\Browser Helper Objects and loaded by the browser at startup.
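To check whether a host shows the artifacts behind these signatures, the following is an added example (not part of the Triage report and not the sample's own code): a read-only sweep of the standard registry locations for Winlogon, Explorer visibility, Run keys, UAC state and BHO registrations, plus a view of what the sample sees when it performs its BIOS and Wine checks. Run it from an elevated PowerShell on the suspect machine. The "expected" defaults are assumptions for a stock Windows install; compare the Run and BHO output against your own baseline.

```powershell
# Added example, not from the Triage report. Stock-install defaults below are
# assumptions; treat Run/BHO entries as leads to verify, not verdicts.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name } catch { $null }
}

function New-Finding {
    param($Check, $Location, $Observed, $Note)
    [pscustomobject]@{ Check = $Check; Location = $Location; Observed = $Observed; Note = $Note }
}

function Get-RunEntries {
    # Every value under a Run/RunOnce key, minus the PS* metadata Get-ItemProperty adds.
    param([string]$Path)
    if (-not (Test-Path $Path)) { return }
    $meta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
    (Get-ItemProperty -Path $Path).PSObject.Properties |
        Where-Object { $_.Name -notin $meta } |
        ForEach-Object { New-Finding 'Run key' "$Path\$($_.Name)" $_.Value 'Launched at logon; verify against baseline' }
}

function Test-HostIndicators {
    # Winlogon: Shell and Userinit run at every interactive logon.
    $wl = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $shell = Get-RegValue $wl 'Shell'
    if ($shell -and $shell -ne 'explorer.exe') {
        New-Finding 'Winlogon persistence' "$wl\Shell" $shell 'Expected explorer.exe'
    }
    $userinit = Get-RegValue $wl 'Userinit'
    $expectedUserinit = "$env:windir\system32\userinit.exe,"   # trailing comma is the stock value
    if ($userinit -and $userinit -ne $expectedUserinit) {
        New-Finding 'Winlogon persistence' "$wl\Userinit" $userinit "Expected $expectedUserinit"
    }
    # A per-user Shell override does not exist on a stock install.
    $userShell = Get-RegValue 'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' 'Shell'
    if ($userShell) { New-Finding 'Winlogon persistence' 'HKCU:\...\Winlogon\Shell' $userShell 'Per-user Shell override' }

    # Explorer: Hidden=2 and ShowSuperHidden=0 re-hide hidden and protected OS files.
    $adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    if ((Get-RegValue $adv 'Hidden') -eq 2) { New-Finding 'Hidden files' "$adv\Hidden" 2 'Hidden files not shown' }
    if ((Get-RegValue $adv 'ShowSuperHidden') -eq 0) { New-Finding 'Hidden files' "$adv\ShowSuperHidden" 0 'Protected OS files not shown' }

    # Run / RunOnce in both hives.
    foreach ($hive in 'HKLM', 'HKCU') {
        foreach ($k in 'Run', 'RunOnce') { Get-RunEntries "${hive}:\Software\Microsoft\Windows\CurrentVersion\$k" }
    }

    # UAC state: EnableLUA=0 means UAC is switched off entirely.
    $pol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    if ((Get-RegValue $pol 'EnableLUA') -eq 0) { New-Finding 'UAC' "$pol\EnableLUA" 0 'UAC disabled' }

    # Browser Helper Objects: each subkey is a CLSID; resolve it to the DLL IE would load.
    foreach ($bhoKey in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
                        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects') {
        if (-not (Test-Path $bhoKey)) { continue }
        foreach ($clsid in (Get-ChildItem $bhoKey).PSChildName) {
            $dll = Get-RegValue "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32" '(default)'
            New-Finding 'BHO' "$bhoKey\$clsid" $dll 'DLL loaded by Internet Explorer'
        }
    }
}

function Get-SandboxView {
    # What the sample sees when it runs its own checks: BIOS strings (VM vendor names
    # appear here) and the Wine marker key. Useful when tuning a lab VM.
    $bios = 'HKLM:\HARDWARE\DESCRIPTION\System'
    foreach ($name in 'SystemBiosVersion', 'VideoBiosVersion', 'SystemBiosDate') {
        New-Finding 'BIOS check' "$bios\$name" (Get-RegValue $bios $name) 'Read by VM/sandbox detection'
    }
    $wine = (Test-Path 'HKCU:\Software\Wine') -or (Test-Path 'HKLM:\Software\Wine')
    New-Finding 'Wine check' 'Software\Wine' $wine 'Key present only under Wine'
}

Test-HostIndicators | Format-Table -AutoSize -Wrap
Get-SandboxView     | Format-Table -AutoSize -Wrap
```

The sweep reads registry values only and changes nothing, so it is safe to run during live response; the "UAC bypass" signature itself leaves no single registry artifact to look for, which is why only the UAC state is reported.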
