General
Target: cc20c1e11e6f7a646e19c68dc6db4d81362a5573e65fe9cf25b6f79b4afd87b9
Size: 1.4MB
Sample: 230801-bn4xgsdd61
MD5: c208c1d1d42cb360e33809dd47913bdd
SHA1: 37a3001ef7ed491b5068e7d0344cbaa9758321c6
SHA256: cc20c1e11e6f7a646e19c68dc6db4d81362a5573e65fe9cf25b6f79b4afd87b9
SHA512: c5a95a908597eef8ecda3da6400f45988332bf33a661ae99c6e9975cbf83d004645785719f83beb13dfa4b3bdb0a327aeb2529596151fb734d1c07667c727797
SSDEEP: 24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Static task: static1
Behavioral task: behavioral1
Sample: cc20c1e11e6f7a646e19c68dc6db4d81362a5573e65fe9cf25b6f79b4afd87b9.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Score: 8/10
Modifies Windows Firewall
ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)