General
- Target: 5a43bf16573ed704bae6f47eb5281892
- Size: 823KB
- Sample: 240114-eyd1ladac5
- MD5: 5a43bf16573ed704bae6f47eb5281892
- SHA1: 2590c1e0d94c1b6104473fa8891a59bdc8cdf6fa
- SHA256: 29d3c94a7a90b73ae8c3ee5776a176dae164392eb92627383fb177570b2e3498
- SHA512: 0b0f5f42166babc4c3153ececa44b74110f53c558d5b7faa6684876b5dc3e07a04741bd9feaa6e22fabf83c65b870d0f86f83197d0106c79814f49a2f0426e14
- SSDEEP: 24576:8b80K3OuFD/cGfPy3tZHApPkCVfqqbWnAwT8OXcxb:8h3uhU7XAdk0qqbWAfOU
Static task: static1
Behavioral task: behavioral1
- Sample: 5a43bf16573ed704bae6f47eb5281892.exe
- Resource: win7-20231215-en
Behavioral task: behavioral2
- Sample: 5a43bf16573ed704bae6f47eb5281892.exe
- Resource: win10v2004-20231215-en
Malware Config
Extracted
- Protocol: smtp
- Host: smtp.gmail.com
- Port: 587
- Username: [email protected]
- Password: rienafaire99
Targets
- Target: 5a43bf16573ed704bae6f47eb5281892
- Size: 823KB
- MD5: 5a43bf16573ed704bae6f47eb5281892
- SHA1: 2590c1e0d94c1b6104473fa8891a59bdc8cdf6fa
- SHA256: 29d3c94a7a90b73ae8c3ee5776a176dae164392eb92627383fb177570b2e3498
- SHA512: 0b0f5f42166babc4c3153ececa44b74110f53c558d5b7faa6684876b5dc3e07a04741bd9feaa6e22fabf83c65b870d0f86f83197d0106c79814f49a2f0426e14
- SSDEEP: 24576:8b80K3OuFD/cGfPy3tZHApPkCVfqqbWnAwT8OXcxb:8h3uhU7XAdk0qqbWAfOU
Score: 10/10
- Disables Task Manager via registry modification
- Drops startup file
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)