General

  • Target

    eb7ab3e66fad6d8ed5dd85a571e82545.exe

  • Size

    178KB

  • Sample

    240109-xca1xsgacl

  • MD5

    eb7ab3e66fad6d8ed5dd85a571e82545

  • SHA1

    7c7297417a25592eccb1b8051ab91ad8488e11e7

  • SHA256

    2ca8e4b3919d58a54bbb210a2417144bf1b6885469ea98db4929bf8c5837d577

  • SHA512

    28dfe7da20b561c7d7c88551b00c46e740ecd774c3e9cc36d873dae8f45ce44e908a1c625f5d2ff42519144ee46903bbaf9f67677dd78f18a172d2e5cafab811

  • SSDEEP

    3072:xQCtdKoaJ1AnWlK9vYfKIgjagQLfNfb+k4R8j5a6bErEE3NihHwqOv7g:xQGjaMnWwwfKAfLf594R8bQF38

Score
10/10

Targets

    Score
    10/10

    • Modifies firewall policy service

    • Modifies security service

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
