General

  • Target

    10d5d1504841417c479d293f23d7841e.exe

  • Size

    32KB

  • Sample

    240105-nxkw7aahar

  • MD5

    10d5d1504841417c479d293f23d7841e

  • SHA1

    4d00f158ae676df8ce5eb9edb47ebb8934719d56

  • SHA256

    cd3e7bc73872f6dc927cb3a9f186a15a4525e9fc989dd03925acd2ecf496e8f5

  • SHA512

    54ac6c17ec124f8bd3121472ea8b635da867becdd195157eeeee6f1aca2f38262c3d3ff70601de5bdd4a778032fcaec07f735a0a334107ec36e6063ff6db7439

  • SSDEEP

    768:qu5aW2SDT07OTe8//gCSD1MV+qHDVSu5pjJpOOeC:qYRmOTj3ghMVvDVSOpjJG

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Sets service image path in registry

    • Deletes itself

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
