Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

SETUP.bat

windows7-x64

7

SETUP.bat

windows10-2004-x64

6

UPGRADE.bat

windows7-x64

1

UPGRADE.bat

windows10-2004-x64

1

postgresql...nt.msi

windows7-x64

7

postgresql...nt.msi

windows10-2004-x64

7

postgresql-8.3.msi

windows7-x64

7

postgresql-8.3.msi

windows10-2004-x64

7

vcredist_x86.exe

windows7-x64

6

vcredist_x86.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf99ea429de4214eca339924ae07105d809e5f5ac606a6c133eb2062c2fd1f65.zip.zip

  • Size

    24.8MB

  • Sample

    231107-rdgxzagb2s

  • MD5

    e0f88abd586a44c46238fac5ddf6a240

  • SHA1

    d0eeee07714734cd726e3b392f94f3f4a044fbd5

  • SHA256

    333b3d608fbbea193afd0cc487375fb3583a5207223fc4c66a3076317f81e68f

  • SHA512

    245f20a6dfd33b1fee4d2ec97ae9943445e3b1f2a481b567fcb45ca3faff403066d4331e3fccec1cbabb3e79b0dde3871fcf62a0b6617474c9c05df7ba493e6c

  • SSDEEP

    393216:tc0C22qugskVNCJeHRs+tfOao29MRp3E5VZ33GQ3btVwed88wmXe1bRylNE2DJ4G:tcZ22quMaBVaipU7ZHGCbUjmOrKEcZAU

Score
7/10
persistence

Malware Config

Targets

    • Target

      SETUP.bat

    • Size

      192B

    • MD5

      4200cecaf0d0d6838e48b87f78c90c19

    • SHA1

      9ac646870d4047e34d72ea244d003397bb4e54be

    • SHA256

      1c684469f8230b75ca0c8e6d1ed39bfdbe22d7259e7c992986f9f3897bf91c05

    • SHA512

      1f363479d82e6d9f1f8e068aff25043f8af44027a49c337f788ead27329e510c9e8bed755d5a7cb484be3fcfcfeb986481e82d68cc4689fd92f79c7df22169e0

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

    • Target

      UPGRADE.bat

    • Size

      1KB

    • MD5

      9fe4a6fa51ffdf3ba0be4ec0657de0a5

    • SHA1

      796c19e478dd35306a2c582a7627f0f5a54963b4

    • SHA256

      24885a55b9fba9779a4620a69064b1205787b3d93d3d29f1f2bcf904f4af7972

    • SHA512

      ab306f6c6d639570f3b02429f30e055fc6bd6e1d74dd8c8e614372ec98451e754751effb0e937785d8f00e538e47fe23fa3a26dd9ae14f4cf1d66807ba9d770e

    Score
    1/10
    behavioral3behavioral4

    • Target

      postgresql-8.3-int.msi

    • Size

      23.5MB

    • MD5

      0fb9d090498b5e1c59d6324641250ee5

    • SHA1

      b79e82b56a0f09d512ad5134a4ec453dad2a79d6

    • SHA256

      83b2f31b874031dae926395101e54154223a5a710e41ad818b93070758a665c5

    • SHA512

      2beeab78155ba68b7b28abc4cd9a392005a492663db5dcd57e5df7ec002aeef794c31198656947a7963fabfb5c2c87e06f494a3abafe8f665331e3748c24795b

    • SSDEEP

      393216:YDHDpG/agxuUQdmGScopKoZXsHWD5Tg/aHKrd51NevX/BNCasVdTT7vqQJRi8/wj:uHofutdLopsHMW/wK/QXpEBdTTztJRi/

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral5behavioral6

    • Target

      postgresql-8.3.msi

    • Size

      157KB

    • MD5

      8417335b79c556649082d90f1afec9a2

    • SHA1

      be1c9ef6b2a78857b1dcc8651027dcee3d311b07

    • SHA256

      5aa3b4baf794d03b2af924e846b27c6580a9675aebf3e7f1d2c74b75f0f915a0

    • SHA512

      a3e9c778adee3936c27539cfe72a8b22d924e04a1f263eeb3a969d454f14661bbf4331b5bbc65758ee61523cb275f56a63755473df2b0c7f637ce6226f66adfe

    • SSDEEP

      1536:u4LjLwVJrjCQJZbrOtosa/lTREfOcqDp:pLoI6POtda/lTR

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral7behavioral8

    • Target

      vcredist_x86.exe

    • Size

      2.6MB

    • MD5

      1f8e9fec647700b21d45e6cda97c39b7

    • SHA1

      037288ee51553f84498ae4873c357d367d1a3667

    • SHA256

      9c110c0426f4e75f4384a527f0abe2232fe71f2968eb91278b16b200537d3161

    • SHA512

      42f6ca3456951f3e85024444e513f424add6eda9f4807bf84c91dc8ccb623be6a8e83dc40a8b6a1bc2c6fd080f2c51b719ead1422e9d1c1079795ec70953a1ad

    • SSDEEP

      49152:IJFEcHcHfnIpvSUxuB4vkjfCSfil3ObWcrJhxSkm6Fo4Ea0g/I2Pz7citcU7tmLq:S2c8gfd87CQgu9xNpW4t/Ic7csd7t0q

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks