General

  • Target

    $R28GAFK.ZIP

  • Size

    4.9MB

  • Sample

    230531-sb7w2sgb2v

  • MD5

    f4c1fbabd6a6cfd053a78919ea3e019d

  • SHA1

    e37efc30378df62aa89d363d0d75c6858fdb8c36

  • SHA256

    0c9fa973aa7115e957074e7b2fcc3ae6678d12d8575e4ea0c85a28831bd03e73

  • SHA512

    e46a544415fcf6db008795a292d3a3fc0dc21d19a783d16fe46ecbef980a5f0fd10fe301cf09a7fb1a1bcb63419735705399084ec70e282f3d71365b3b5e0720

  • SSDEEP

    98304:sh7YMb4qBkF+lpU7X79YjcB+6IPiivxQNZPYuI9uxBGLq8Yj:k8Mb/kgU7XSoBfBnPi9ubGLq8Yj

Score
8/10

Malware Config

Targets

    • Target

      ANBM09AIKPXBD8HU80C3.MSI

    • Size

      130.1MB

    • MD5

      eaa99bc35dd4e31c94323b4f0d7306ec

    • SHA1

      2d44b0763847375e0a5595f20754df4269485dd9

    • SHA256

      58cdedd91e7b971db2bbcc46d06651c2769535756144ec671e3c8e05e5a5e29d

    • SHA512

      ee1a2e96c28b51bffdfb307851c90d0349b3a001c46fe1b1609df5097fbc12f37c10765652210b3aca644bd55db3d2d01426d0e0d0d3f3861fbfa59e6db9f615

    • SSDEEP

      98304:27mwfuF/Xr92mEVVINAxfQ1kltDRikAgmwUNiLnJbEFkCm8VzV4P0KBsK67rYIPk:27OgmT2Q8O3/KBzIb/

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
