General

  • Target

    f2d134af5bcec28a7ef4aff037e4f729.exe

  • Size

    1.2MB

  • Sample

    240109-wthawsgcf8

  • MD5

    f2d134af5bcec28a7ef4aff037e4f729

  • SHA1

    91d3ecb2d7cea0c40f64fae4606532e86cefa582

  • SHA256

    60bdd75d01cf895864d943826167a1c4a4a7a51bf8337400922ac2944bece9d3

  • SHA512

    a986ca59a35f3949cb77e2deb78b014124dde68b5c57ca966b78e41d2a942dfad0d7efd8171310d3b4de2d07961e3bdac55ed9995c076d58d62a925288b5ff30

  • SSDEEP

    24576:Uuhakt+erQZb+md4wmwt+erQZb+md4wmMZ:boerQZbd2JerQZbd24Z

Score
10/10

Targets

    • Target

      f2d134af5bcec28a7ef4aff037e4f729.exe

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
