General

  • Target

    3825d6fb7a4382f476703a77eec61b98

  • Size

    38KB

  • Sample

    231231-qs772acehj

  • MD5

    3825d6fb7a4382f476703a77eec61b98

  • SHA1

    5880b258c3c2510350ad5db27f94cf7552d84afb

  • SHA256

    f73eb4451ef01490c725d10393934627cc77e53668f3e1fc633a940bb05cf8d4

  • SHA512

    17d0ac770d1fd27e4bc7033723131631326c960160d0e32a36e5382220f99bda9c5798636eea65b70774701d8cea7ac2532073ae40a78c96fc248abc2036f142

  • SSDEEP

    768:aHpqwkfEY6GmDvRwlNoJfiqFMkBh5e6BXZgB4e:aHpXkfhitgQiqFd5XZgCe

Targets

    • Target

      3825d6fb7a4382f476703a77eec61b98

    • Modifies firewall policy service

    • Drops file in Drivers directory

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Deletes itself

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies WinLogon

    • Drops file in System32 directory
