General

  • Target

    021ebd67415b25a606c5d5b4eba0a4cfe606599ab2b345975096fd1659de7308

  • Size

    296KB

  • Sample

    221205-tjj1mahe3t

  • MD5

    1721c61cbceb60bc13995d4c3169a150

  • SHA1

    5403d6bc5c268c0795d5477b85d95b812b937060

  • SHA256

    021ebd67415b25a606c5d5b4eba0a4cfe606599ab2b345975096fd1659de7308

  • SHA512

    4eca2941a8d9f567eb8ebb1ba231ea7a2037961c94569c36d697d9013f70513b90ce7f76a8da583ec1e11eaf9c923be4b02cc6daf5215bc3fdb3d7fca4726b4c

  • SSDEEP

    6144:KWhiGmZFHlPGFVDLwrWjgw7i/nwkgJwAYD9KLBkpa:LOFHlO7LwrWUwm/JgaAYhK9Z

Score
10/10

Targets

    Score
    10/10
    • Modifies firewall policy service

    • Modifies security service

    • Sets service image path in registry

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
