General

  • Target

    71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302

  • Size

    186KB

  • Sample

    221205-q5e21sac7y

  • MD5

    6a404f069b1a1ff1d027a7b30f6ae6df

  • SHA1

    c452c73fe28ae0374c879e21aba68a0575e2984c

  • SHA256

    71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302

  • SHA512

    15da397c5413fce271013ea78b2e03850c5d4d2b329c06403542a8872333d129bdf89281ba05457b3952b498aced53d8d0fce62cee65fe2d5b42cf3170cc7a10

  • SSDEEP

    3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJp:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWT

Score
10/10

Targets

    • Target

      71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302

    Score
    10/10
    • Modifies WinLogon for persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
