Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Archive.zip
-
Size
2KB
-
Sample
240126-r6ggxahdgr
-
MD5
8da5a6c5098c1d36dcd046a12b3adcb1
-
SHA1
58fce8440a62238bde216e79e17461721a8da5b4
-
SHA256
5c0ea6873ce7e54899a1f10e66e96964f0232e7cae1c6b750875f8576988f7ed
-
SHA512
a7beddec5e4ec4f412c97f951114b0344f8e9ea5d4a70156be9b55d84c7df810ec981c367db776231db53350eeb3f1e399e5c310ec2f44059c0bf607e125e546
Malware Config
Targets
-
-
Target
Archive.zip
-
Size
2KB
-
MD5
8da5a6c5098c1d36dcd046a12b3adcb1
-
SHA1
58fce8440a62238bde216e79e17461721a8da5b4
-
SHA256
5c0ea6873ce7e54899a1f10e66e96964f0232e7cae1c6b750875f8576988f7ed
-
SHA512
a7beddec5e4ec4f412c97f951114b0344f8e9ea5d4a70156be9b55d84c7df810ec981c367db776231db53350eeb3f1e399e5c310ec2f44059c0bf607e125e546
Score8/10-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
-
-
Target
Pic1 (1).8xi
-
Size
832B
-
MD5
e4fdb42a6bbfcd318b35de3409f045a9
-
SHA1
ebdf2f93ebcd7ceb571be58795c2da461ce8e464
-
SHA256
a4c644438d0c476633c14f1ad3c6fcc4cc541a1aa6c018b58de7e6c1052770ba
-
SHA512
476879bd221c8f67aff10e05207831837c68509436770b101ea761250e0502761da312d9db993c8c9b0a55b5580f9d675c087284c7d8c79eedc56a938bd49738
Score3/10 -
-
-
Target
Pic2.8xi
-
Size
832B
-
MD5
2bb2f0f38df5cf0a278e55125ab040a7
-
SHA1
c3ff2c2ce7df76108556027d13efcc161a431fdb
-
SHA256
096b64d1e7871caa62d977bdd799ba86f6a29c02bcc2aba9a8790edc6d05478d
-
SHA512
b341b9e28efd709402f39e38702404186c29c87239ebf5656e09a9a1ef0b96727d7967159927e5cd9f5cbce32e6349ee05ebff2e4bd5ecc73eef36bc9883461d
Score3/10 -
-
-
Target
Pic3.8xi
-
Size
832B
-
MD5
5c732e13e0a0ab7655c5c2aead44dbc5
-
SHA1
c6b6ef3f07db7b481f2aef231e10c511ea8269ac
-
SHA256
52e51867f61554f92b23c75410e41eba38f4d1400454f43d3ff151f840b742f6
-
SHA512
7cd71f3478975e98fece2ddad9069fb2853d0b99a6535efff7feada990d4bfe8e656bbaf85d3b9be26566939e0b79220d0360c1d1075a93d5e8cbce7b083eb1c
Score3/10 -
-
-
Target
Pic4.8xi
-
Size
832B
-
MD5
d8ec4557fe9e91ff78363df1b7cd10a6
-
SHA1
e71d4f8c5c0a2490f8154bc5abeb5a45f2bf1844
-
SHA256
3362b26128352907e8a744f810997977fdb0c1457a9724b351ed89ee3a35c7d8
-
SHA512
10ca5c2bb20378f9ee646f254155be3d760f20573b12e738147bd65393d53a9543649daaa1605b134c7bda6c50fd6313539b08f5edbd93831fec31d0805918e8
Score3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1