Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

7b36cddaed...2d.exe

windows7-x64

10

7b36cddaed...2d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b36cddaedb661f749215c3080ab3e2d.exe

  • Size

    688KB

  • Sample

    240101-lmrkwafger

  • MD5

    7b36cddaedb661f749215c3080ab3e2d

  • SHA1

    feb92c177e3df86f51ae7dd541ddb9498f15ff98

  • SHA256

    1956c7c037981705d9274f4cc0457c5cd0b535eed210e8f337e1343631b4fffc

  • SHA512

    b3372bd1ea0f45c43e73d2afdbcc50b5fb133464d0eb45a4f12f3ff15d39d289e282a57965e757e369a8acfb221d80971a01c034451389056b51cebff92625aa

  • SSDEEP

    12288:UZWtI6RkoureZJys73dOvXDpNjNe8zyOB0uqkeZJys73dOvXDpNjNe8r:UuhaneZJ8NI8zyOMkeZJ8NI8r

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      7b36cddaedb661f749215c3080ab3e2d.exe

    • Size

      688KB

    • MD5

      7b36cddaedb661f749215c3080ab3e2d

    • SHA1

      feb92c177e3df86f51ae7dd541ddb9498f15ff98

    • SHA256

      1956c7c037981705d9274f4cc0457c5cd0b535eed210e8f337e1343631b4fffc

    • SHA512

      b3372bd1ea0f45c43e73d2afdbcc50b5fb133464d0eb45a4f12f3ff15d39d289e282a57965e757e369a8acfb221d80971a01c034451389056b51cebff92625aa

    • SSDEEP

      12288:UZWtI6RkoureZJys73dOvXDpNjNe8zyOB0uqkeZJys73dOvXDpNjNe8r:UuhaneZJ8NI8zyOMkeZJ8NI8r

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks