General

  • Target

    73d6f2ac24b7d56fbc57027cc97b2533

  • Size

    154KB

  • Sample

    240125-f1458shah3

  • MD5

    73d6f2ac24b7d56fbc57027cc97b2533

  • SHA1

    22e6000efb3c8105523895cba69046e64c0ac7fb

  • SHA256

    7351147e7f1add344cb20f141dfae9e1831f21f1422a0f39a6bed2b68460f973

  • SHA512

    b98db9f01bd64e4d2b35d9c4a187ab90d6920be00e503cd97c6caf2d60743201300caf52ea08c6c7ae39cc56fc692a42c379bdb7a81653453712557c2078ed0e

  • SSDEEP

    3072:5W74Xt/i0xBebAAcWU7oCtbBCYCIXbbeKxrjIjhIFh4HalmlNXBSpJ:5W7OZi0xB3zb+I2KxPGIFh46lmjcH

Score
7/10

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
