General

  • Target

    bebee881d6161401027222dc4b2557ab1187a74a8fe5c906b134beda59cb0c2e

  • Size

    362KB

  • Sample

    221205-h1stbaca3t

  • MD5

    5eb62ff48048584ae1a29d6a4698ccae

  • SHA1

    a78bb9335164d216ab7bcdce5a7d9040d323c598

  • SHA256

    bebee881d6161401027222dc4b2557ab1187a74a8fe5c906b134beda59cb0c2e

  • SHA512

    c1e0f9624b3485e68478c44e1dec888c7d9980c76a0676bbc47b56c200725417ad0c4a58a0da1b9db5529d9cc165807ec323955dea0090ffb76dea0873393579

  • SSDEEP

    6144:C3rcIG98IZou0XYDd0mfFhTESz5kTM2pnOhwXHrhBBon6hP6d998o8tl/6e:y/uEYDNfPBzI7OhK9o6hP6d9F8r/

Malware Config

Targets

    • Adds policy Run key to start application

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks