General

  • Target

    0131cfffda842b8b3da4ad14b00b1d4a.exe

  • Size

    3.2MB

  • Sample

    240102-s8hnesbfg8

  • MD5

    0131cfffda842b8b3da4ad14b00b1d4a

  • SHA1

    99d6917f016a45a4deba595a5bc77bc87c14f54c

  • SHA256

    1785f5f01c24a146f857a3b4a1b9e9cd0d23dea8b25f51c36186cdbeae50a0f2

  • SHA512

    23fcdb269d5470491b23e558682eaecfefbcf9b728b764cfd4d859895aece566179c5a33924f0a5c2eea04d94f56ae0ce12a3dc767be5160d2f94166bd64c08d

  • SSDEEP

    49152:bberQZbd2GerQZbd2GerQZbd2ZerQZbd2GerQZbd2GerQZbd2t:WrQZ8rQZ8rQZnrQZ8rQZ8rQZy

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
