General

  • Target

    796f2d17207a3380c07640598dd2ed69142713ecb71f4146f48148b2c5e0f908

  • Size

    113KB

  • Sample

    221205-3yffeshg77

  • MD5

    eda7c8d4f9c92ce476c06833b0ab2230

  • SHA1

    98a05799b0adc8151ad6e74c57a80c689aa39281

  • SHA256

    796f2d17207a3380c07640598dd2ed69142713ecb71f4146f48148b2c5e0f908

  • SHA512

    4173bdce63cf0e77fff5494f484048201cd23482e2da67e306fac6b65c4e3e5e549851efcdb6e3297e06c1355b6ade6a50263deb851dc238c9c40025a83c7ff3

  • SSDEEP

    3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/xN:KhG9uGju9tcPdzSIAnF9JN

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks