General
Target: 615e0963032c8a9f60e22125bac59199d4f239303d49821c8bcd0233fa315078
Size: 3.6MB
Sample: 230816-w3f47ada69
MD5: b25464fd6ff51740a901ce321efa14cd
SHA1: 7f2252ae90a3332700f0c4f3071ffd5aab365bcc
SHA256: 615e0963032c8a9f60e22125bac59199d4f239303d49821c8bcd0233fa315078
SHA512: 785626da931007bc74ade1921fd36ad8cab7e6199497808888763e3a8f87c37613c1e5b1af21f1c795b3cac4a3abad6754d908be20f67ea14a43dcb2a32f5053
SSDEEP: 98304:DtHautEXQtFfXLYyU3M0+4Gdpm+hln4CqLqopxpygsO:DBaObV+M0+4Gjzhu1Pygz
Static task: static1
Behavioral task: behavioral1
  Sample: 615e0963032c8a9f60e22125bac59199d4f239303d49821c8bcd0233fa315078.exe
  Resource: win7-20230712-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Create or Modify System Process: 1
  Windows Service: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Impair Defenses: 3
  Disable or Modify Tools: 3
  Modify Registry: 5