General

  • Target

    bcb07215167cca65d7fa20884c819f20_exe32.exe

  • Size

    516KB

  • Sample

    231015-yfx6asgb58

  • MD5

    bcb07215167cca65d7fa20884c819f20

  • SHA1

    236f145456a6bb808aea131a44e0051899bb725d

  • SHA256

    513a984b5de35c83558f0c0d336619b0fb0a00f5ecd2fc4ccfabcf3d8ef191ac

  • SHA512

    cace699ecbaa398c7f15de5c1ce38f7bd66cfc3179047c55b9fa1416bc0d8483d843d01c38be403342a7390617f3b5d526df1c2e8ff8aca23f21fe2f49cc2ff5

  • SSDEEP

    12288:1emPl1dtgvyiPiAw/P6mlZoLoWZerTdZKP9DOMAw:MExmvNPxw/7XoUWumxft

Score
10/10

Targets

    • Target

      bcb07215167cca65d7fa20884c819f20_exe32.exe

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Modifies Installed Components in the registry

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
