Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f9829b33fdd63fca564aac7da5c096a9
-
Size
302KB
-
Sample
231228-1c3ygsced5
-
MD5
f9829b33fdd63fca564aac7da5c096a9
-
SHA1
98f3cec3696847ca5cfd25b451d0cc151a4a244f
-
SHA256
31b9ea45a54ae375bc316c1810ce1953cccdeecdb53f599fa31c2739df4bbd6d
-
SHA512
03e1a57c1082b0ac6ccd9d92cd9296067bf0b7a8ba30674804d9f5d9dc70849fe81f04747f58c965b1d00f8f86ef8ec23137b4c6f58c53a887153e5798b5cde0
-
SSDEEP
6144:lvIj8NvygNcg+RoK0zat8GzwzkIXfYnPYEvaUy:lQjAyGjK0qjIQnA6aL
Malware Config
Targets
-
-
Target
f9829b33fdd63fca564aac7da5c096a9
-
Size
302KB
-
MD5
f9829b33fdd63fca564aac7da5c096a9
-
SHA1
98f3cec3696847ca5cfd25b451d0cc151a4a244f
-
SHA256
31b9ea45a54ae375bc316c1810ce1953cccdeecdb53f599fa31c2739df4bbd6d
-
SHA512
03e1a57c1082b0ac6ccd9d92cd9296067bf0b7a8ba30674804d9f5d9dc70849fe81f04747f58c965b1d00f8f86ef8ec23137b4c6f58c53a887153e5798b5cde0
-
SSDEEP
6144:lvIj8NvygNcg+RoK0zat8GzwzkIXfYnPYEvaUy:lQjAyGjK0qjIQnA6aL
Score8/10-
Drops file in Drivers directory
-
Sets service image path in registry
-
Modifies system executable filetype association
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1