General

  • Target

    kaspersky-21.2.16.590.exe

  • Size

    2.8MB

  • Sample

    221229-s83nlagf41

  • MD5

    051a4c0c1f78a4acfd61af4a00c04d9a

  • SHA1

    a7d5522903f48c89f24f8893c480b8eb0360198e

  • SHA256

    71a83ef659aa734ae2dfcf7e106f3003e03fd29931e50ce9cf7f926cabd5ff06

  • SHA512

    1b4f8dd6f7f48ec130587782936a10e016cb69234fef30b2b19ee2eb1948f7b1ff15a0085746d122018db65d89748681c2df51da011cb145093cbdb473e389d7

  • SSDEEP

    49152:alINc3mvkxv9HnIyB8cKGdUDUe2QK0m0zJgHvQtuEG2EeyByoyjf02yt8o15D0:8INc3vbHnIyB8dGdU4e9Vzxtu/2ndogI

Targets

    • Target

      kaspersky-21.2.16.590.exe

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
