Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SETUP.bat

windows7-x64

7

SETUP.bat

windows10-2004-x64

6

UPGRADE.bat

windows7-x64

1

UPGRADE.bat

windows10-2004-x64

1

postgresql...nt.msi

windows7-x64

7

postgresql...nt.msi

windows10-2004-x64

7

postgresql-8.3.msi

windows7-x64

7

postgresql-8.3.msi

windows10-2004-x64

7

vcredist_x86.exe

windows7-x64

7

vcredist_x86.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21246a746eac24c95cc90e798997fcd749520d02fc9c6565b0fa1b072a4e6c97.zip.zip

  • Size

    25.1MB

  • Sample

    231107-rzd37sbe62

  • MD5

    1149f67ef4ad05bfb221f5fbd56135ca

  • SHA1

    214bff2da6cac57bd84fa82a71cbb72a1bb2fdfc

  • SHA256

    6275b51454ddddba706e761430bba9f756503bdc34d63649451a9f020a2afc1e

  • SHA512

    30ac283784a30692d30ce66ee7109a3c3e75e14ae335a293e799cc6bcc67b59f8565152b5b4f362b90650c1d46a77dfe3678d106128f86ba9fe78a1505753562

  • SSDEEP

    786432:/6tOPyxu+cs00Xt6t6xwHWm2I90hQQXbidGpV:/kht6YYT0hQEbUGb

Score
7/10
persistence

Malware Config

Targets

    • Target

      SETUP.bat

    • Size

      192B

    • MD5

      4200cecaf0d0d6838e48b87f78c90c19

    • SHA1

      9ac646870d4047e34d72ea244d003397bb4e54be

    • SHA256

      1c684469f8230b75ca0c8e6d1ed39bfdbe22d7259e7c992986f9f3897bf91c05

    • SHA512

      1f363479d82e6d9f1f8e068aff25043f8af44027a49c337f788ead27329e510c9e8bed755d5a7cb484be3fcfcfeb986481e82d68cc4689fd92f79c7df22169e0

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

    • Target

      UPGRADE.bat

    • Size

      1KB

    • MD5

      9fe4a6fa51ffdf3ba0be4ec0657de0a5

    • SHA1

      796c19e478dd35306a2c582a7627f0f5a54963b4

    • SHA256

      24885a55b9fba9779a4620a69064b1205787b3d93d3d29f1f2bcf904f4af7972

    • SHA512

      ab306f6c6d639570f3b02429f30e055fc6bd6e1d74dd8c8e614372ec98451e754751effb0e937785d8f00e538e47fe23fa3a26dd9ae14f4cf1d66807ba9d770e

    Score
    1/10
    behavioral3behavioral4

    • Target

      postgresql-8.3-int.msi

    • Size

      23.8MB

    • MD5

      ec78c9a48eb0f1a5d645b26c8cb73c7c

    • SHA1

      af7e55be5345a002d497946e86c5f1067124e1ef

    • SHA256

      498fc55a80f590b6eea38492cee53cb71d5e652ea8c0f4cb45a85e5b20e615eb

    • SHA512

      cda5797cb0d0bd57188194ca89dab073989f14f23faaf779f59922dc9198275a0159beaed9ad979b35a1de7c0fc7cb16c668139cc1c1b32711a4d14d1b19657e

    • SSDEEP

      393216:+X9bU4kUZeCeOwmiZn4xXaHddwZW+MpGThFiaff/J4WZtde9Skc3+ARhNEkasOEe:+XloSejOwbZnWaHbvCiaXtZtdesv3nRg

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral5behavioral6

    • Target

      postgresql-8.3.msi

    • Size

      157KB

    • MD5

      1e6553f86dde0f12b7f9981afc5054ea

    • SHA1

      e1b66fd97c564b0bd775f378250ff3405b34c522

    • SHA256

      045778cd90249429c57e07bce0da08ceabe6bd8ebeee0e64e56084d021c93892

    • SHA512

      e401893437a08213aca5f5f26300513e7afd606b4b538e80732b1a12fe36ff77cb02d1ff7b9c1f788923e855069d592adbfcea6b836b713811aa71133304ea0a

    • SSDEEP

      768:G/oTHgCmVMdtCSucz/ZslMb+iV0Tta0fYn/lTR/BxY/xP4eOncCzLS8WoPb86p:iIDmDC/ZxbrItasa/lTREfOcqDp

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral7behavioral8

    • Target

      vcredist_x86.exe

    • Size

      2.6MB

    • MD5

      f5926134a66309d9d2b14416ff707891

    • SHA1

      84f65b93f99dca65f47638b4eb851c32fefc6939

    • SHA256

      9f46c94aed0854314d6162fdc8162964bd3efd646d078caafb03fdbbefc41f0d

    • SHA512

      52fc37019e59a330c3ff66d2978b66c36caf2dbb7d6ee76b20af738cd27304be0255f7c63b999ab354e3bf6adcce81d96172c239df6f0122e4ea3c77e15fe151

    • SSDEEP

      49152:QwIRpt0/YCbD3WyByiH1ThVZwiqVcwmscYVjaV6tmPS2wy1CZDkYEHvP:pII97yO1TNwif+UVQiJwah

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks