General

  • Target

    x-mirage-inst.exe

  • Size

    36.0MB

  • Sample

    231122-3zbtmafh31

  • MD5

    9dbe2a0e7c69daf944726046f44134cb

  • SHA1

    bd5033778ec1a2179e59ce48687c0e8713039146

  • SHA256

    155e513d1d4112f866526453f7ebbb4245fb92a0d5b29cad954d3371f63b4c1b

  • SHA512

    f627f2495ab57b6becc6ae9b645c0865d0a0a681d3d480923b854d905361f5a26931948f0493f84731b46d6cdda6ddec23fc18a7ca8ea6cb6b7678370df99861

  • SSDEEP

    786432:kaQSm27Ior0kd9o4Qrz7HL7HW7tLLVaZlOcopVyVFR7:n+mN06QrrbWJLVovuVY7

Score
10/10

Targets

    • Target

      x-mirage-inst.exe

    Score
    10/10
    • Modifies firewall policy service

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
