Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

4ee02d0aaa...9c.exe

windows7-x64

10

4ee02d0aaa...9c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4ee02d0aaa6c5973e34d05d0d6a7f19c

  • Size

    519KB

  • Sample

    240109-vm2khsfhe6

  • MD5

    4ee02d0aaa6c5973e34d05d0d6a7f19c

  • SHA1

    1d04a6a5db7e0fa2c06b3f2b4554aeabd9f78c68

  • SHA256

    0b90c40e938c22cb9bb9c9e8cf03d215b2e9e796d3e2f278a03c0438fe1a6597

  • SHA512

    059be49389131afcee3011f1821ab6f83ed52c6d11dec5caebb4938910fb851b782ad7614e90102332c48726c1d4cd04f426bf7dbce1cc8f6893977a6fa41bab

  • SSDEEP

    12288:yo5r7ZZ3RuAEEkCts0FNaWHcE+fcP1wb8HnAB88ZFg:yo5r7ZZ3d2mNa1H8RH/8U

Score
10/10
aspackv2persistence

Malware Config

Targets

    • Target

      4ee02d0aaa6c5973e34d05d0d6a7f19c

    • Size

      519KB

    • MD5

      4ee02d0aaa6c5973e34d05d0d6a7f19c

    • SHA1

      1d04a6a5db7e0fa2c06b3f2b4554aeabd9f78c68

    • SHA256

      0b90c40e938c22cb9bb9c9e8cf03d215b2e9e796d3e2f278a03c0438fe1a6597

    • SHA512

      059be49389131afcee3011f1821ab6f83ed52c6d11dec5caebb4938910fb851b782ad7614e90102332c48726c1d4cd04f426bf7dbce1cc8f6893977a6fa41bab

    • SSDEEP

      12288:yo5r7ZZ3RuAEEkCts0FNaWHcE+fcP1wb8HnAB88ZFg:yo5r7ZZ3d2mNa1H8RH/8U

    Score
    10/10
    aspackv2persistence

    • Modifies WinLogon for persistence

      persistence

    • Adds policy Run key to start application

      persistence

    • Modifies Installed Components in the registry

      persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks