Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4033a555895253aac19eb732d9ae8c81

  • Size

    892KB

  • Sample

    240104-hte9msdch3

  • MD5

    4033a555895253aac19eb732d9ae8c81

  • SHA1

    557f18f34976f431c5e82040f33a29f32747dad2

  • SHA256

    5c82c273941ae0386ff31ab236baa2bf16d68a569848e68c1b7f0e0129a00984

  • SHA512

    546d6e56003e9e543331eaef8247fc6c88602ddc9796f9d22cbf8e1fb88e563a1f00ef338cabde55488eacb8b9462e883debd8aea6c9a064540f30940f6a380a

  • SSDEEP

    24576:efQDX+wVqKz7dftt/kIsRnLCCiHC5/r1nQM33:SQD+w7ntbk/Bj5/rZQe3

Score
10/10

Malware Config

Targets

    • Target

      4033a555895253aac19eb732d9ae8c81

    • Size

      892KB

    • MD5

      4033a555895253aac19eb732d9ae8c81

    • SHA1

      557f18f34976f431c5e82040f33a29f32747dad2

    • SHA256

      5c82c273941ae0386ff31ab236baa2bf16d68a569848e68c1b7f0e0129a00984

    • SHA512

      546d6e56003e9e543331eaef8247fc6c88602ddc9796f9d22cbf8e1fb88e563a1f00ef338cabde55488eacb8b9462e883debd8aea6c9a064540f30940f6a380a

    • SSDEEP

      24576:efQDX+wVqKz7dftt/kIsRnLCCiHC5/r1nQM33:SQD+w7ntbk/Bj5/rZQe3

    Score
    10/10
    • UAC bypass

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks