Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302
-
Size
186KB
-
Sample
221205-q5e21sac7y
-
MD5
6a404f069b1a1ff1d027a7b30f6ae6df
-
SHA1
c452c73fe28ae0374c879e21aba68a0575e2984c
-
SHA256
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302
-
SHA512
15da397c5413fce271013ea78b2e03850c5d4d2b329c06403542a8872333d129bdf89281ba05457b3952b498aced53d8d0fce62cee65fe2d5b42cf3170cc7a10
-
SSDEEP
3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJp:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWT
Behavioral task
behavioral1
Sample
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302
-
Size
186KB
-
MD5
6a404f069b1a1ff1d027a7b30f6ae6df
-
SHA1
c452c73fe28ae0374c879e21aba68a0575e2984c
-
SHA256
71c5d63a3b7c7c3e975a48f5aee416c9e33341c50020f97989f61cb96681e302
-
SHA512
15da397c5413fce271013ea78b2e03850c5d4d2b329c06403542a8872333d129bdf89281ba05457b3952b498aced53d8d0fce62cee65fe2d5b42cf3170cc7a10
-
SSDEEP
3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJp:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWT
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-