General

  • Target

    7b488f499dedba12660d63aa78afb84cc3de15a6613c08d9af03d7517a5e97d3

  • Size

    2.4MB

  • Sample

    221204-jympysah86

  • MD5

    c6ccdfd1d5f9d5be810d465bef9a1f49

  • SHA1

    3145b0dcaf3d59b8f3fd9d4abd70d5e2ea8c08ec

  • SHA256

    7b488f499dedba12660d63aa78afb84cc3de15a6613c08d9af03d7517a5e97d3

  • SHA512

    614b4f559e2f01d70f8f610da394e8a0c07a2e4bfb800b96f03d3d08fa7166bd471737c45cedac4035d7aac10e2a8f7a90297fababcbcf8558902b6503b61734

  • SSDEEP

    49152:/EVUchExecJDGxP1NC+A/PLKhAFs1NPIJBIpqJmBOVN6ZSQQ5nqY7yCt:/E38JDAL8M2sDCWpEm8VJQIt

Malware Config

Targets

    • Executes dropped EXE

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops startup file

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks