General

  • Target

    6a630413408781e9599b0a786ff50bf1fcba1532d8ed39137fe3f982a66ff85e.zip

  • Size

    21.1MB

  • Sample

    240126-ws828adack

  • MD5

    08a9efb2889b8122b8f2ad97b27b0454

  • SHA1

    58a7fc20512d8107d71e427b395eb6b620468ae0

  • SHA256

    7f0c1a4c1422a1532c573fef0a3c7c498ad3e1e683d5cee10ec6ce462ee08dfd

  • SHA512

    82032b0679579617045b323ea3e5ccd117be72090bc540433db00cbdaf79dc973e7e6b931a9415dd4b8e5baf4164f4fe02ce90957103d767d5411dfb49896843

  • SSDEEP

    393216:UqtQhH4Bgu8uoWFZvySvThQiwSC39lIvvsw3M2nEt14iz/Z4YuWotiHdM:UGO4Bmuq1iwSC39Hqc14iz/Fotd

Targets

    • Target

      help.chm

    • Size

      50KB

    • MD5

      1bddb8a0e0f9cd90a5b3936ec2c2c4cf

    • SHA1

      c8302168fb532fe03e76cb8a82aa53b49ee0bc44

    • SHA256

      1e87c07744054709d271337d8ce06929429b334d70875605cb68ecc4c6610cd1

    • SHA512

      b857de9026b3eab13f4dbc464e6403835e3a61e5e9e3566735bf1ddd8dedc4ecf08807b27207bd8b385250b71ea234b301dd49e6f3c90f1270ae03868c035472

    • SSDEEP

      768:bGA4nw8h2r+N1m0WUrKI/vjf6NDxFfC/0L7qM+ZE+ox4nnW99vpuhzK10gim:bGAT62r+N1uUll/YQZFy4nQ/uxK1Gm

    • Score

      1/10

    • Target

      iumsdk.dll

    • Size

      21.4MB

    • MD5

      38a1f4ecb5e3fb5af02de3a4681e791f

    • SHA1

      21664480811b0bcb11e5b73dbec7c2af115fe068

    • SHA256

      3493983742dfb866a96bf25d18c95e128121792882700b1f0788270828e86dd8

    • SHA512

      9eda8f6a8c6755e840b18a27adac62df299861fa9c9d98c6fb76035c49ce350ebd943f3e0891d34cfe04c5c2b98d715a86c1ce74e6b39bcdcaee9dfb9a9629dc

    • SSDEEP

      393216:RROnGsFnilzehV8OLK6u+JvNYJKneHX/QPZcRO6jzF:3GGsiah9LZu+F1nGvQ68M

    • Score

      1/10

    • Target

      iumsdkx.dll

    • Size

      22KB

    • MD5

      b27e2b886da33ac7398b90f3753237d9

    • SHA1

      1f2313801c973095ec5a2d8603f4452d5c297478

    • SHA256

      759398bf89295a9e5161034fa0255eb2a8efc332f64239fad72048576b56e7d6

    • SHA512

      9e36113c1c8fcb54225b1e1491ee59f925c65af64aa6e175eeb6807155d4a10a62b82ff4e8bc3cc9e80dbac80b33c18392213cc39f0751580cddc617f6bb9798

    • SSDEEP

      384:ilLkoCwcgR2deJ4eRKWsX1cMW88W+jVyDBRJ3YGMveuOMlA6:iVEPwKWwQjI1P3nMvsw

    • Score

      1/10

    • Target

      setup.exe

    • Size

      470KB

    • MD5

      ef1f9ff330de70415c306c50e84d1926

    • SHA1

      5b84b24efb6b153fbe9a44c0a66db5f0b41c187d

    • SHA256

      459d2001068a9415aff5759d98b74f342e5099e15c9b7506e23bbb4020fd0009

    • SHA512

      632b35ae2225a15cc7761e48604e16f1aea147263b170482c95ce199065145729de540cf4d3d7b6ff0fdf589494332797a5714294a6df829c2f1c42ce4b4e5cf

    • SSDEEP

      6144:34lnbdrfzE29c3qncF4DJtMMdhq2DHl3JE1XQRK1OeCYwc:QbdrfwJ3UtMKjROn8eCs

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon for persistence
