General

  • Target

    tuc5.exe

  • Size

    6.9MB

  • Sample

    231210-zgewsacabl

  • MD5

    310cdb63637621d845c3afc9107fba90

  • SHA1

    4144640a076f46184bee539aa49bf2bec20e2e62

  • SHA256

    7c1451058696840ebd0f24909b58bf0dd7ebaea72888903761c1a03f7cda3a4b

  • SHA512

    bff6c566d8a567cba397b38b69a688df2cf94fbbf3cb7446881211946ee4d450c3a01c445ff8c017769596ff9a92d101a3db771527df867f2345247d86bd3822

  • SSDEEP

    196608:YxnTNzjsOzc7TGHscDgcXbIdslX38dgFYJzj:QNztzQlcDPXus98d9Jzj

Score
7/10

Targets

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
