General

  • Target

    21a4685b09e9991d1317d3da93d0dd29

  • Size

    3.9MB

  • Sample

    231231-aq769aedcr

  • MD5

    21a4685b09e9991d1317d3da93d0dd29

  • SHA1

    8b7dabe8aa1d6e36c55d035af8e918efd56739d2

  • SHA256

    21f9df267c19cbddd39ca86b8ea1f2cdfecdfef586fe20778ebbfdc28911db0b

  • SHA512

    2913fbb8aa903e256a6926beb2baca5e1eb6b9c7a71c6985ca44b40135c3db68c277a8437ca74e1af5d9dd926dad30f0839ec47956136b41cb9ed45fdb54e852

  • SSDEEP

    98304:V4O08LdSUnxdFSqGvNfxMc7nUsY5czarjQKoe:QkNnxdFIwB5Y6QKf

Score
9/10

Malware Config

Targets

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks