General

  • Target

    enelfacturanopagada.zip

  • Size

    11.0MB

  • Sample

    231117-w68nlsdf7t

  • MD5

    6c4274cb181fb85c3f8f9190c15f4220

  • SHA1

    c7b85a4705a634c1bdbd66fbcc49c1e5825a1563

  • SHA256

    4c9dbf8ad11b96a8638b4476a73534c4477f6b91610b59476348a36fb0650de5

  • SHA512

    0de8c18f07933f9083fc39aecdfc910885f219f9445ec63fe62da3ab25dd0436d0a7697cd99dd768ee7523c84a93b8b493004e4f682d3abac7f75e7ecc85ea43

  • SSDEEP

    196608:tNmAccoFmU9kCsikk6rt3OtrIc7xXjsXInAFclZ7f9vbARgwM0Hvyve1a0APW0om:WAIFmri4t38Ic7xFnA2NRARgw36m4P5t

Score
7/10

Malware Config

Targets

    • Target

      enelfacturanopagada.msi

    • Size

      12.1MB

    • MD5

      1c227f66ba9be0d8b241855ab970469f

    • SHA1

      dbf8abb10d8bc81bd6a8ff00c9e0da82451e9faf

    • SHA256

      8580240bd09f39ae2da96ad133449e66203fa481bf786107e8be5bbb151c91b1

    • SHA512

      04ca4475701744843d5b4c0e6e35a45368d322834765b00841b35d09d7320773bd5e2bc5309e2f76292024e1afdf73fd4cdcf278a6dfa20ea2f013fa1d24a2d5

    • SSDEEP

      393216:VmEIdgNKOHxSwalZiYEn5ela+RCMuD7ay:Cdg0ORIxEcpRJOWy

    Score
    7/10
    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
