General

  • Target

    1d98f1b9329d1bffe4babfec791d62c414cf4929c2d33becce5cb3723dbfcfed

  • Size

    6.2MB

  • Sample

    240104-3h2nqadgak

  • MD5

    7db309d6c5d298fab9e755bb613cd60b

  • SHA1

    bd53f777213e40c6fca750db856a539b91f2779b

  • SHA256

    1d98f1b9329d1bffe4babfec791d62c414cf4929c2d33becce5cb3723dbfcfed

  • SHA512

    5b68f2751b95ff76797363a464537505fabdd1920f3f934781ef8c42ad96b487ff1c0076b453d3fbfeb78506b3da245bdc6f205dac105070e5afda1b9966fa98

  • SSDEEP

    98304:GeyArfCP1wi5R3vgVz6h85sJUWrmpDCbWp/NK9N7dsNrZabsBVEEJs1QbAy:ACmrc6h8mKkOOWp/NKU3VEQbA

Targets

    • Detected google phishing page

    • Modifies Windows Defender Real-time Protection settings

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
