General

  • Target

    16689be3215ee390deda67e00a8cab59

  • Size

    16KB

  • Sample

    231230-mw6a3acegl

  • MD5

    16689be3215ee390deda67e00a8cab59

  • SHA1

    2df0a5b98dcfaa0d0d9678ab0fcf8c026312c7f5

  • SHA256

    7b77ef5b296a0a3b1bec825ced9a82654af18632fdcd71ef661a10ed738518ec

  • SHA512

    1c3a8c4afbea41329fc6db0fd2f45ce1ecaee4164690b46f9f17fd64e6479fc60721e3082d65cb529abb2d4efdfb3b677b6575671bcb0373b7feba9fec06c241

  • SSDEEP

    192:NinxVCvaadYvE5DjMFXkVzvaNqkoPzcNSPYMdp7z4VL9ZXgzm3BEmTi7KvJ/:wnxkinE5qkVziIkymSwzZwzNkiK/

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15