General

  • Target

    Contract-4.msi

  • Size

    660KB

  • Sample

    231009-pt2wzach6s

  • MD5

    1b6f948f740eb0426204a9b15472b194

  • SHA1

    724912fd27e5f1c115144173d38d6ed27357a3e5

  • SHA256

    ffd3edf21e63fee92fb9babbf56ccaddf2d78f58caeb6e6985a25aa4b8c519f1

  • SHA512

    8cdab05208446915152808c114dc3942d3620572ef9aeb9acdd990f8f68a6401b2d88182804ead33fc832b32aed13b634925bbd672b534b0fa931b1704077f4b

  • SSDEEP

    12288:3tvRQ+gjpjegGdo8rgLKxBTi9byLw2wHvHgU3qfrbDW:3tncpVGPrgtyLHw33qjbD

Score
8/10

Targets

    • Target

      Contract-4.msi

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
