General

  • Target

    fifty50final.cmd.EXE

  • Size

    155KB

  • Sample

    230109-m8vp4ahd9x

  • MD5

    99e3c49edfa0934419a87adb9a1d99dd

  • SHA1

    4c82fbdda744ce7ccf91e7f07b4ac2efffa68f19

  • SHA256

    57ad72c7f7f87aeeff5eaf37d779a72d55a2876e3e95273311189b635b103c16

  • SHA512

    2e4b876321e47c2ec98cfaf0989b0e023c3cac76b9e8e0812da975b2d75867041ade89ca7654d3354141c1c429f63d3f01cfe188f32c1013057908c5d3b689fa

  • SSDEEP

    3072:XahKyd2n31i5GWp1icKAArDZz4N9GhbkrNEk1tT:XahOmp0yN90QEa

Targets

    • Target

      fifty50final.cmd.EXE

    • Disables Task Manager via registry modification

    • Modifies Installed Components in the registry

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry
