Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

783032c39a...f0.exe

windows7-x64

10

783032c39a...f0.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    783032c39a1b128532724362efb6c9f0

  • Size

    195KB

  • Sample

    231226-slw8asbeck

  • MD5

    783032c39a1b128532724362efb6c9f0

  • SHA1

    ce4d6f3554296bb48265fd245536a2ac527878d3

  • SHA256

    21b8c34f00e3e840e24f365946f6cfbb87d21ebb2d76c666644bc9cbf52084fd

  • SHA512

    199b3fa25d924f6539733c97c4bf800005e0468cdaf39ec25bbf12cf7d37d06ce0e6ed20b0db98efb803a045802c6e6716ac1b0ac0a8b5bf1a07477921dcaf50

  • SSDEEP

    3072:17fM5EWgd1mEwIEaSdkQzRLs9T7r5NOSqeXWZ+2sDOgLw8DlKLD7hSs:1fkEdr3wnPZEHfOSqGlBLxRiA

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      783032c39a1b128532724362efb6c9f0

    • Size

      195KB

    • MD5

      783032c39a1b128532724362efb6c9f0

    • SHA1

      ce4d6f3554296bb48265fd245536a2ac527878d3

    • SHA256

      21b8c34f00e3e840e24f365946f6cfbb87d21ebb2d76c666644bc9cbf52084fd

    • SHA512

      199b3fa25d924f6539733c97c4bf800005e0468cdaf39ec25bbf12cf7d37d06ce0e6ed20b0db98efb803a045802c6e6716ac1b0ac0a8b5bf1a07477921dcaf50

    • SSDEEP

      3072:17fM5EWgd1mEwIEaSdkQzRLs9T7r5NOSqeXWZ+2sDOgLw8DlKLD7hSs:1fkEdr3wnPZEHfOSqGlBLxRiA

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Deletes itself

    • Registers COM server for autorun

      persistence

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks