General

  • Target

    b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f

  • Size

    163KB

  • Sample

    221205-gasvysae22

  • MD5

    32a678bbd6eedab3232e50a3378e0391

  • SHA1

    2dda667fb3de88dad5ab2609dcf55ea1504726d2

  • SHA256

    b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f

  • SHA512

    0a52904d696283aead58fa0c66286a2acae7765b7072438f592bb3b6eabb106570cc36379fde6ecdbe8118f25afdab764fbc35897f2b056d1a748d78d8d70296

  • SSDEEP

    3072:3m4azbjjC9C+q+bAgFwIpOLKOAwWxWK7xYOOQbHoPl8qBYQVl7Bp:3mp+q+bAgFwt/5+WiYOOQbIiqCQV

Score
10/10

Targets

    Score
    10/10
    • Modifies firewall policy service

    • Modifies security service

    • Sets service image path in registry

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
