General

  • Target

    19010064735b311878b3c77992576266

  • Size

    2.2MB

  • Sample

    231224-3bjjkadcb5

  • MD5

    19010064735b311878b3c77992576266

  • SHA1

    600f426218df8a0bbc1c41f84992201193fdbfef

  • SHA256

    9a1d71e87d41756a20343e52c251d80cb5a3c71c61b5bdf18768ce1a91c5627a

  • SHA512

    30c168643b9a00d07e73b6c3d099d4a564a01a9bd1d6b1406963d4bcc54217b3bc8a810dfb51592276ba10ad9598977d7b854991f7b4b4a6016578f14b2626b3

  • SSDEEP

    49152:Nlwoh4eQ9YzqSxiHO07vR0xf78wJEgBI8ypvw/:UohUYSHj7m78wJEhp4/

Score
8/10

Targets

    • Target

      Install.exe

    • Size

      1.1MB

    • MD5

      c7fe5eded2835bc849d671452504fdd4

    • SHA1

      0189352c04fdbd0c44c232c9d2098b00c081e323

    • SHA256

      bfa877d7d249e2b4b8e33abce85f63143194fc79164c42e70201591a3dec4eba

    • SHA512

      3118328ccc158cba27f77f37ab250258369313ff3b6cd716a95f778f6f0f193353740f43c59ad7a04e43459e9118805b44f6e57583aede33093d984eadea50de

    • SSDEEP

      24576:JF1aHlJHvQ0EnHTAQybyz7p+BX315IoxUXhNpHw:PipvQPLT8p3UoiRNpHw

    Score
    1/10

    • Target

      Setup_00.exe

    • Size

      1.2MB

    • MD5

      d59834b63e2b500a74130c07bb801ce6

    • SHA1

      2bb98af8a9f643d4ba1ec1b7166b197526e3c30a

    • SHA256

      c3c52be4316da1412f125ed5551a282ca977fb2764ad15074ec3bf91803e8678

    • SHA512

      89011e6bffb19121b2751b8cfe777bed8f5e898dcadf764f38d4726eebbbc5889874a7ee5c58ccbb77f268566807626845b815e71b7d7be0fa5d43b06e491ae4

    • SSDEEP

      24576:bPkPHxZN84YhACUpsjQ9XaqK/FSCwhSQoQWD7zBNDujvbOHMm:b6ODhAmWK/vXDPfHMm

    Score
    8/10

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
