General
Target: 09178e1b098eb3dc921313e062773383
Size: 483KB
Sample: 231230-a6tnssfaa9
MD5: 09178e1b098eb3dc921313e062773383
SHA1: 25483440587187ed5ab53218b303ec1be0884c98
SHA256: 41acc6c4738a04d2e9a1fb4cb3972dab5266ae1c4952caf8c719e9405674dc3e
SHA512: ddffd2be7e0f841dbfd98a2ffc7106b7a309d4b121b7da87d88b412699447e6e4448179167729720633b255ef650003c148f6f0844036176cb0f169a8d81eff8
SSDEEP: 12288:OueiQkTrvj4eDCqgrIFXpWHSRptxsW7lZhFWUkTp5k10:OIQkTf4eDYcF5ESzt1IUk
Static task: static1
Behavioral task: behavioral1
Sample: 09178e1b098eb3dc921313e062773383.exe
Resource: win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
Target: 09178e1b098eb3dc921313e062773383
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)