General

  • Target

    75b5724a0482ebcac8de073e1a3ce37879cfad27fdd1a6ad61d00f80b4059e46

  • Size

    1.4MB

  • Sample

    230923-rkb1asgb6x

  • MD5

    49188b7c5f7513a25a7a8579587ffb32

  • SHA1

    351790b37462b989f6de9f433ee4ed7226bdc6ab

  • SHA256

    75b5724a0482ebcac8de073e1a3ce37879cfad27fdd1a6ad61d00f80b4059e46

  • SHA512

    c5530a9c86bc1f56e80d15aacca786b32ad7bbe6a34911ea78a54b0cacd39d48e800937e7e11e55c39a16c466867ed28ed72b69485ad3bf63e2b00594517aaa3

  • SSDEEP

    24576:uwm0nWiG57FJnkFopUh0yiSruvJOQt85ZpDYWbUNNsYWM7aT32kfk49LBBtVIQnV:80WR7AFPyyiSruXKpk3WFDL9zxnSE

Malware Config

Targets

    • Target

      75b5724a0482ebcac8de073e1a3ce37879cfad27fdd1a6ad61d00f80b4059e46

    • Downloads MZ/PE file

      A downloaded response body beginning with an MZ/PE header was observed, i.e. the sample fetched a further executable.

    • Modifies Installed Components in the registry

      Writes under Active Setup\Installed Components; a StubPath there is run at each user's next logon, a common persistence location.

    • Sets file execution options in registry

      Writes under Image File Execution Options (IFEO); a Debugger value there redirects launches of the named program, used for persistence or to neutralise security tools.

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file packed/protected with ACProtect.

    • Checks computer location settings

      Reads the country/locale code configured in the registry, most likely as a geofence check.

    • Executes dropped EXE

      Runs an executable that the sample itself wrote to disk.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk.

    • Registers COM server for autorun

      Registers a COM server (CLSID\{...}\InprocServer32 or LocalServer32) under a key that causes the shell or another system component to load it automatically.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
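
The three registry signatures above (Active Setup Installed Components, Image File Execution Options, COM server registration) point at locations an incident responder should sweep on any host that ran this sample. The following script is an added example, not part of the report or of the Triage sandbox: it parses a .reg export (as produced by reg export or collected by a triage tool) and flags entries in those three locations whose image lives outside C:\Windows or Program Files. The registry contents in SAMPLE_REG are constructed for the example; the GUIDs beginning 7C1D6A1B are made up, and the trusted-directory heuristic is a shortcut a real hunt would back with Authenticode and hash checks.

```python
import re

# Constructed .reg export for this example (not taken from the sample in the
# report). Benign Windows entries are mixed with three planted artifacts of the
# kinds the report's signatures name: an Active Setup StubPath, an IFEO
# Debugger, and a per-user COM server registration. The GUIDs beginning
# 7C1D6A1B are made up; 89820200-... is Internet Explorer's real Active Setup key.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
"StubPath"="C:\\Windows\\System32\\ie4uinit.exe -UserConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7C1D6A1B-1111-4A1A-9F9C-000000000001}]
"StubPath"="\"C:\\Users\\Public\\Libraries\\svchost.exe\" /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe]
"Debugger"="C:\\ProgramData\\update\\helper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000200

[HKEY_CURRENT_USER\Software\Classes\CLSID\{7C1D6A1B-2222-4A1A-9F9C-000000000002}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Roaming\\ldr.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C1D6A1B-3333-4A1A-9F9C-000000000003}\InprocServer32]
@="%SystemRoot%\\system32\\shell32.dll"
'''

# (label, regex over the key path, value name holding the command); "@" is the
# default value of a key, which is where a COM server's image path lives.
AUTORUN_RULES = [
    ("Active Setup StubPath", r"\\Active Setup\\Installed Components\\", "StubPath"),
    ("IFEO Debugger", r"\\Image File Execution Options\\", "Debugger"),
    ("COM server", r"\\CLSID\\\{[^}]+\}\\(InprocServer32|LocalServer32)$", "@"),
]

# Triage heuristic (assumption of this example): images under these roots are
# treated as benign. A real hunt should also verify signatures and hashes.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
ENV_VARS = {"%systemroot%": "C:\\Windows", "%windir%": "C:\\Windows",
            "%programfiles%": "C:\\Program Files"}

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))=(.*)$')
IMAGE_RE = re.compile(r"^(.*?\.(?:exe|dll|com|scr))\b", re.IGNORECASE)


def parse_reg(text):
    """Yield (key, value_name, data) for every REG_SZ value in a .reg export."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            continue
        name = "@" if m.group(1) is None else m.group(1)
        data = m.group(3)
        # Only quoted string data is a command; dword:/hex: values are skipped.
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            yield key, name, re.sub(r"\\(.)", r"\1", data[1:-1])  # undo .reg escaping


def image_path(command):
    """Extract the executable/DLL path from a command line and expand common env vars."""
    cmd = command.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        path = cmd[1:end] if end > 0 else cmd[1:]
    else:
        m = IMAGE_RE.match(cmd)
        path = m.group(1) if m else (cmd.split() or [cmd])[0]
    low = path.lower()
    for var, real in ENV_VARS.items():
        if low.startswith(var):
            path = real + path[len(var):]
            break
    return path


def is_trusted(path):
    return path.lower().startswith(TRUSTED_ROOTS)


def find_autoruns(text):
    """Return every entry in the three persistence locations, flagged by image location."""
    findings = []
    for key, name, data in parse_reg(text):
        for label, key_re, value_name in AUTORUN_RULES:
            if name.lower() == value_name.lower() and re.search(key_re, key, re.IGNORECASE):
                img = image_path(data)
                findings.append({"location": label, "key": key, "command": data,
                                 "image": img, "suspicious": not is_trusted(img)})
    return findings


def suspicious_autoruns(text):
    return [f for f in find_autoruns(text) if f["suspicious"]]


if __name__ == "__main__":
    for f in suspicious_autoruns(SAMPLE_REG):
        print(f"[{f['location']}] {f['key']}\n    -> {f['image']}")
```

On the constructed export the script reports the Public\Libraries StubPath, the sethc.exe Debugger and the per-user InprocServer32 DLL, and leaves the ie4uinit.exe and shell32.dll entries alone. HKCU CLSID hits deserve particular attention: a per-user CLSID shadows the HKLM registration of the same GUID, so a user-writable DLL can be loaded in place of a legitimate system COM server without touching HKLM.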

MITRE ATT&CK Enterprise v15

Tasks