General
Target: 4033a555895253aac19eb732d9ae8c81
Size: 892KB
Sample: 240104-hte9msdch3
MD5: 4033a555895253aac19eb732d9ae8c81
SHA1: 557f18f34976f431c5e82040f33a29f32747dad2
SHA256: 5c82c273941ae0386ff31ab236baa2bf16d68a569848e68c1b7f0e0129a00984
SHA512: 546d6e56003e9e543331eaef8247fc6c88602ddc9796f9d22cbf8e1fb88e563a1f00ef338cabde55488eacb8b9462e883debd8aea6c9a064540f30940f6a380a
SSDEEP: 24576:efQDX+wVqKz7dftt/kIsRnLCCiHC5/r1nQM33:SQD+w7ntbk/Bj5/rZQe3
Behavioral task: behavioral1
Sample: 4033a555895253aac19eb732d9ae8c81.exe
Resource: win7-20231215-en
Malware Config
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 1
Disable or Modify Tools: 1
Modify Registry: 2
Virtualization/Sandbox Evasion: 1