General
-
Target
6a630413408781e9599b0a786ff50bf1fcba1532d8ed39137fe3f982a66ff85e.zip
-
Size
21.1MB
-
Sample
240126-ws828adack
-
MD5
08a9efb2889b8122b8f2ad97b27b0454
-
SHA1
58a7fc20512d8107d71e427b395eb6b620468ae0
-
SHA256
7f0c1a4c1422a1532c573fef0a3c7c498ad3e1e683d5cee10ec6ce462ee08dfd
-
SHA512
82032b0679579617045b323ea3e5ccd117be72090bc540433db00cbdaf79dc973e7e6b931a9415dd4b8e5baf4164f4fe02ce90957103d767d5411dfb49896843
-
SSDEEP
393216:UqtQhH4Bgu8uoWFZvySvThQiwSC39lIvvsw3M2nEt14iz/Z4YuWotiHdM:UGO4Bmuq1iwSC39Hqc14iz/Fotd
Static task
static1
Behavioral task
behavioral1
Sample
help.chm
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
help.chm
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
iumsdk.dll
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
iumsdk.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
iumsdkx.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
iumsdkx.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral7
Sample
setup.exe
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
setup.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
help.chm
-
Size
50KB
-
MD5
1bddb8a0e0f9cd90a5b3936ec2c2c4cf
-
SHA1
c8302168fb532fe03e76cb8a82aa53b49ee0bc44
-
SHA256
1e87c07744054709d271337d8ce06929429b334d70875605cb68ecc4c6610cd1
-
SHA512
b857de9026b3eab13f4dbc464e6403835e3a61e5e9e3566735bf1ddd8dedc4ecf08807b27207bd8b385250b71ea234b301dd49e6f3c90f1270ae03868c035472
-
SSDEEP
768:bGA4nw8h2r+N1m0WUrKI/vjf6NDxFfC/0L7qM+ZE+ox4nnW99vpuhzK10gim:bGAT62r+N1uUll/YQZFy4nQ/uxK1Gm
Score
1/10
-
-
Target
iumsdk.dll
-
Size
21.4MB
-
MD5
38a1f4ecb5e3fb5af02de3a4681e791f
-
SHA1
21664480811b0bcb11e5b73dbec7c2af115fe068
-
SHA256
3493983742dfb866a96bf25d18c95e128121792882700b1f0788270828e86dd8
-
SHA512
9eda8f6a8c6755e840b18a27adac62df299861fa9c9d98c6fb76035c49ce350ebd943f3e0891d34cfe04c5c2b98d715a86c1ce74e6b39bcdcaee9dfb9a9629dc
-
SSDEEP
393216:RROnGsFnilzehV8OLK6u+JvNYJKneHX/QPZcRO6jzF:3GGsiah9LZu+F1nGvQ68M
Score
1/10
-
-
Target
iumsdkx.dll
-
Size
22KB
-
MD5
b27e2b886da33ac7398b90f3753237d9
-
SHA1
1f2313801c973095ec5a2d8603f4452d5c297478
-
SHA256
759398bf89295a9e5161034fa0255eb2a8efc332f64239fad72048576b56e7d6
-
SHA512
9e36113c1c8fcb54225b1e1491ee59f925c65af64aa6e175eeb6807155d4a10a62b82ff4e8bc3cc9e80dbac80b33c18392213cc39f0751580cddc617f6bb9798
-
SSDEEP
384:ilLkoCwcgR2deJ4eRKWsX1cMW88W+jVyDBRJ3YGMveuOMlA6:iVEPwKWwQjI1P3nMvsw
Score
1/10
-
-
Target
setup.exe
-
Size
470KB
-
MD5
ef1f9ff330de70415c306c50e84d1926
-
SHA1
5b84b24efb6b153fbe9a44c0a66db5f0b41c187d
-
SHA256
459d2001068a9415aff5759d98b74f342e5099e15c9b7506e23bbb4020fd0009
-
SHA512
632b35ae2225a15cc7761e48604e16f1aea147263b170482c95ce199065145729de540cf4d3d7b6ff0fdf589494332797a5714294a6df829c2f1c42ce4b4e5cf
-
SSDEEP
6144:34lnbdrfzE29c3qncF4DJtMMdhq2DHl3JE1XQRK1OeCYwc:QbdrfwJ3UtMKjROn8eCs
Score
6/10
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon for persistence
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Scheduled Task/Job: 1