General

  • Target

    a7b38d586619db0335c48667eccb2518493632484c129a4d2d71709a3e2cbb1e

  • Size

    1.3MB

  • Sample

    221204-kanssaff2x

  • MD5

    6320e731dade6b75698a406f2eaf1ac0

  • SHA1

    4b54fc9d09b44f1d72aeb1e9be7072a65a62c51f

  • SHA256

    a7b38d586619db0335c48667eccb2518493632484c129a4d2d71709a3e2cbb1e

  • SHA512

    759dbe8ed8abe379e5115c2988fae1b86b8c27753314c6dca82782a97c9bd36714b043ef9ba365b12d11d8f49eab058a0aacfa53ec46a8a6557bcd109d1c71f8

  • SSDEEP

    6144:llt/9LvG6g6vdZwhvvH9cXdq0etw9R5mY0uMZVGmoJFCvngBt43wchCREaFRVser:lL/9LYgPWcX0Nw9uZarnCvnEtShMoSB

Score
10/10

Targets

    • Target

      a7b38d586619db0335c48667eccb2518493632484c129a4d2d71709a3e2cbb1e

    Score
    10/10

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
