Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

104bb5144d...eb.exe

windows7-x64

10

104bb5144d...eb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    104bb5144d270a4001311630d58da0eb

  • Size

    2.7MB

  • Sample

    231225-jrj1gsgdg7

  • MD5

    104bb5144d270a4001311630d58da0eb

  • SHA1

    a1fdefd4bfebd068872a4e65a48e125d8b8b316c

  • SHA256

    3fc1dfddc7362bde4841fd2a3ecdaa870a277d50d059be39f97d021798fc618a

  • SHA512

    921b3e7af694df3c596ed616d3bd14b1f4408f0f89ca01759ff317b29b4a6896df7ea843b8c42125f725bd934605bfd0c94cb8b7af04e82a8e21ca249aa7ee6c

  • SSDEEP

    49152:bs8NKeTDkYOMwwnMb4PmyVK7BL/KPph7GBfWjZuY:8YOXwnS4rVTP77GBfWjl

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      104bb5144d270a4001311630d58da0eb

    • Size

      2.7MB

    • MD5

      104bb5144d270a4001311630d58da0eb

    • SHA1

      a1fdefd4bfebd068872a4e65a48e125d8b8b316c

    • SHA256

      3fc1dfddc7362bde4841fd2a3ecdaa870a277d50d059be39f97d021798fc618a

    • SHA512

      921b3e7af694df3c596ed616d3bd14b1f4408f0f89ca01759ff317b29b4a6896df7ea843b8c42125f725bd934605bfd0c94cb8b7af04e82a8e21ca249aa7ee6c

    • SSDEEP

      49152:bs8NKeTDkYOMwwnMb4PmyVK7BL/KPph7GBfWjZuY:8YOXwnS4rVTP77GBfWjl

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks