Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

573449aee4...6d.exe

windows7-x64

8

573449aee4...6d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    573449aee41dada8315245de9c17f96d

  • Size

    3.1MB

  • Sample

    240112-w98ssadden

  • MD5

    573449aee41dada8315245de9c17f96d

  • SHA1

    3f134e9e4df7146c6e572069f5d6623d5dc7d200

  • SHA256

    1002b595d5153ea888a23b3d5253105fb8e30d94bf9bfc4544f8094a1d849948

  • SHA512

    4f30ba1b60dd7a82eccbe443fe0049e4b360d27ea518f3a0a61a7e2a7a5bd967c58739cb165a16fb0e3e129718b9afae78f3fc0a063a2ec4a874d410ab3947ec

  • SSDEEP

    98304:QEmhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+UVim4e:UaTG6HzfznbCfDAVite

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      573449aee41dada8315245de9c17f96d

    • Size

      3.1MB

    • MD5

      573449aee41dada8315245de9c17f96d

    • SHA1

      3f134e9e4df7146c6e572069f5d6623d5dc7d200

    • SHA256

      1002b595d5153ea888a23b3d5253105fb8e30d94bf9bfc4544f8094a1d849948

    • SHA512

      4f30ba1b60dd7a82eccbe443fe0049e4b360d27ea518f3a0a61a7e2a7a5bd967c58739cb165a16fb0e3e129718b9afae78f3fc0a063a2ec4a874d410ab3947ec

    • SSDEEP

      98304:QEmhtXP+pTDCrmHZ9Gy7dWHQJIuULiVzxDXwZjUEDYZT+UVim4e:UaTG6HzfznbCfDAVite

    Score
    8/10
    evasionpersistence

    • Modifies Windows Firewall

      evasion

    • Stops running service(s)

      evasion

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.