General

  • Target

    0e6d9b5e4df3607811a555d4fafa2768

  • Size

    64KB

  • Sample

    231230-e2tv8afcg6

  • MD5

    0e6d9b5e4df3607811a555d4fafa2768

  • SHA1

    d09b3bac7d74843b746099a040ad7ebebd6444f4

  • SHA256

    da2c871c43c9170d90191f4b952d2dfb0d2def9aabe8d4792b10c0f1dad1327d

  • SHA512

    7a64ed610ca5d78fee218d72edc46d28e168fd2b635e972036ad821f3a10e9d402572ee133e2d752144d2791c5db8a5387e11d465acaa8b34edea75a3ebf98d6

  • SSDEEP

    1536:5FpJ5FRZYNf2eUAkrilPFI+bgfaSJzc1wVAoqbJ8QqdM:5FpJVZ42fANlPFIagZJQ1wqXbJ8bM

Targets

    • Modifies AppInit DLL entries

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
