Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Downloads.exe
-
Size
4.0MB
-
Sample
240101-pgalysdca8
-
MD5
cd8f4e150be0693f4b1336a6c9702702
-
SHA1
57be21a8e57685ed144acacf3d55e3c6a0d5edac
-
SHA256
f63240082e6fe7f88706b94a8d2f8cda68bd420bfff1c22140a1403041347d5a
-
SHA512
2fc2da8396ee36c9ecf62400302980da203070195e9f4b6fe4f6c6f3b5ccfc8d8b64850ed158e1d539f0e9a9bdce7e00db9848dc03bdaf5ae77494b779989077
-
SSDEEP
98304:FszYBRrkXK0TX8hokq4+cbrHiNWvcRvi227kVy2KRE2PEdD3rDD:kYIXL8hg4zaYvcc/o7KREN9rX
Static task
static1
Behavioral task
behavioral1
Sample
Downloads.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Downloads.exe
Resource
win10-20231215-en
Behavioral task
behavioral3
Sample
Downloads.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
Downloads.exe
-
Size
4.0MB
-
MD5
cd8f4e150be0693f4b1336a6c9702702
-
SHA1
57be21a8e57685ed144acacf3d55e3c6a0d5edac
-
SHA256
f63240082e6fe7f88706b94a8d2f8cda68bd420bfff1c22140a1403041347d5a
-
SHA512
2fc2da8396ee36c9ecf62400302980da203070195e9f4b6fe4f6c6f3b5ccfc8d8b64850ed158e1d539f0e9a9bdce7e00db9848dc03bdaf5ae77494b779989077
-
SSDEEP
98304:FszYBRrkXK0TX8hokq4+cbrHiNWvcRvi227kVy2KRE2PEdD3rDD:kYIXL8hg4zaYvcc/o7KREN9rX
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
1