Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

fd9c7a9528...af.exe

windows7-x64

8

fd9c7a9528...af.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd9c7a95284cee5e0145b8255e04a8af.bin

  • Size

    84KB

  • Sample

    240212-ftexrseg96

  • MD5

    fd9c7a95284cee5e0145b8255e04a8af

  • SHA1

    70c830fa72a3ac444cfb48feb1e763363f00899e

  • SHA256

    dfa6a6ffe5fa53daddf2403ba5cb9a3c2d99a31463da7edeebb6e9c28af82802

  • SHA512

    0d2e3f869f6828dbe7dbc09e4c468483c9a5bd087bae38bfc7a2723545aaa87bf726c84a20618235b2e21c83074e7a4c403927f78dce40bd394c57dfaf1d1ae3

  • SSDEEP

    1536:7azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYm78Rxvp:JFNpo6rIKlUE8fbkqRfbaQlaYYmI

Score
8/10
persistence

Malware Config

Targets

    • Target

      fd9c7a95284cee5e0145b8255e04a8af.bin

    • Size

      84KB

    • MD5

      fd9c7a95284cee5e0145b8255e04a8af

    • SHA1

      70c830fa72a3ac444cfb48feb1e763363f00899e

    • SHA256

      dfa6a6ffe5fa53daddf2403ba5cb9a3c2d99a31463da7edeebb6e9c28af82802

    • SHA512

      0d2e3f869f6828dbe7dbc09e4c468483c9a5bd087bae38bfc7a2723545aaa87bf726c84a20618235b2e21c83074e7a4c403927f78dce40bd394c57dfaf1d1ae3

    • SSDEEP

      1536:7azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYm78Rxvp:JFNpo6rIKlUE8fbkqRfbaQlaYYmI

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks