General

  • Target

    14d94b9e3107b726cf14ea686420210c

  • Size

    836KB

  • Sample

    231230-lqy45adga2

  • MD5

    14d94b9e3107b726cf14ea686420210c

  • SHA1

    6f458076e34fd6ba779fef033274cbdc81268411

  • SHA256

    24df9e16089f20d2c3388a5decff09143930a28fb9b14abd165ef8c2389749d6

  • SHA512

    1881064e4d76ede52451e1d6406d27dc88c6a2d9658a72bb32506bbcf20454df5cce75921c9c489907394ff61ecefa9666cb85420695e16f0a2b6535a1bb3b07

  • SSDEEP

    24576:rjh+EbVcvgbdEnDiDxPnLmEKZhZ4KkX3b:rF+ERcvnilPnCEKW3b

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Modifies firewall policy service

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks