General

  • Target

    366124ebe6a3fbee0a2df8032c40c0666f3db3676f68df456fdba9312626ff37

  • Size

    566KB

  • Sample

    221206-rrrz4aaa8w

  • MD5

    8c281a1f8633b94eeaf8ecdc22f0b32a

  • SHA1

    ff0d51e19ad3b061c6c789e1735a088061ec97cf

  • SHA256

    366124ebe6a3fbee0a2df8032c40c0666f3db3676f68df456fdba9312626ff37

  • SHA512

    9e9a027ebbd13bfbbdc2d93417183c9b63c206023ac0c6837f63b6aa1cab7a106c59c5559cdac1a1de788a37c605cbc2f7c615f3fc5fbed2b57f30648ca4ea28

  • SSDEEP

    6144:5uHOFHrG1VVE+IRuHOaHrG1VVE+IRuHOaHr6E2E4:gOFLu9OaLu9OaLh4

Score
10/10

Targets

    • Target

      366124ebe6a3fbee0a2df8032c40c0666f3db3676f68df456fdba9312626ff37

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
