General
Target: NWwww#5.exe
Size: 1.6MB
Sample: 230802-lsqkrsea35
MD5: 556c972a4792908bd1056880fbcf6fb8
SHA1: 2db1abd5f0a4037a9935d571c4ca7f8e8b4efc15
SHA256: ac7a4330088e7a46a977714c404aad19d381262a3496be2f956ed868eba3b5f3
SHA512: cb088ac596350be0265e1b5ac0f1f2103d28c2c090c3644862cef57cc89ad30a91309f881f3e74af9a2f86a68b65d7cca8915e006677a9347f19ef97993dac60
SSDEEP: 24576:4+l2sfHM0lcBAPwaUfJLdW43C5/f4UG4:/ERA03C5
Static task: static1
Behavioral task: behavioral1
Sample: NWwww#5.exe
Resource: win7-20230712-en
Malware Config
Targets
Target: NWwww#5.exe
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 1
    Disable or Modify Tools: 1
  Modify Registry: 2
  Subvert Trust Controls: 1
    Install Root Certificate: 1