Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6306f11b58b3101f8733917a7e55f624
-
Size
186KB
-
Sample
231226-k83dtsfdhj
-
MD5
6306f11b58b3101f8733917a7e55f624
-
SHA1
710abd7c511f4b1ab964c2e1f2f11c49cf280323
-
SHA256
54a02c62da5909f1cb2c52a87925c58e559c3d789a3997417e705877cc9ba215
-
SHA512
e3a5a218f4efe3d2ed385cf3cf7a5e51fcb557e1ce3353cb48de177e7e093683204927adf1cbb770816a2422e83462d2bf7a563f2a8b531fb7e8d97f5d746426
-
SSDEEP
3072:jFjAY9/TB7tqg/4mwEG/erxGl1IlMAta77kFV3PLkTfxla:xcuVP2E8HA8kP/LCfa
Static task
static1
Behavioral task
behavioral1
Sample
6306f11b58b3101f8733917a7e55f624.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6306f11b58b3101f8733917a7e55f624.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
6306f11b58b3101f8733917a7e55f624
-
Size
186KB
-
MD5
6306f11b58b3101f8733917a7e55f624
-
SHA1
710abd7c511f4b1ab964c2e1f2f11c49cf280323
-
SHA256
54a02c62da5909f1cb2c52a87925c58e559c3d789a3997417e705877cc9ba215
-
SHA512
e3a5a218f4efe3d2ed385cf3cf7a5e51fcb557e1ce3353cb48de177e7e093683204927adf1cbb770816a2422e83462d2bf7a563f2a8b531fb7e8d97f5d746426
-
SSDEEP
3072:jFjAY9/TB7tqg/4mwEG/erxGl1IlMAta77kFV3PLkTfxla:xcuVP2E8HA8kP/LCfa
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Deletes itself
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
2Windows Service
2