General

  • Target

    7999aaa9f33981c58a73448cc5778c0c

  • Size

    232KB

  • Sample

    240127-h15g4shbbq

  • MD5

    7999aaa9f33981c58a73448cc5778c0c

  • SHA1

    cc5ff93b593de57aeea9ec7713f9b61ac57fa28d

  • SHA256

    0cf276945bc54e734b7ea57cce18b2dabdc7bb18d0a849ee54f319de5c11ba5c

  • SHA512

    bf5e2c5370d149959d61b68caa72b5ac8fc678d97adce15cf41409ffabf4a9cb52233d794fb2ea423dea8b046a9c2c3f0b043b0b6bd0c278bad15b95db94123a

  • SSDEEP

    3072:lHMNyf21VHTCyPNHhP/VToqbeAtoH2ts7bLkAV7sp23MANi4q6DT4a:lHM1t5tDoH2tIs

Targets

    • Target

      7999aaa9f33981c58a73448cc5778c0c

    • Modifies firewall policy service

    • UAC bypass

    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
