General

  • Target

    63bada2878471d7f2ee4fca92beb58d9.bin

  • Size

    91.0MB

  • Sample

    240221-dafzlsae74

  • MD5

    63bada2878471d7f2ee4fca92beb58d9

  • SHA1

    7256074b9aecb4bae3256e3e956b494f5af6a7b8

  • SHA256

    670f7cee25aaba5c1f3bfbb4f024eaf394304b87928c96531d7393cf9730fa58

  • SHA512

    fdf719386664ff71e545ed9baeea04eeebe052eeb594dc1168b50c6ee71c87cd3999ca66c6c2a65a16d29291a126d734dc4413c23cb5cf8f97e301177c016b1a

  • SSDEEP

    1572864:5g7Xhx6o3bLRPlESTjTXKOz7QbB8Tn1EduqkJy/YPVUwk8/LZHw62oOIZc+6FxL2:qv6o3/zEyjTaj18Tn1JPoQ1x/L5w65OU

Score
7/10

Targets

    • Target

      .NET Framework 4.6.2/NDP462-KB3151800-x86-x64-AllOS-ENU.exe

    • Size

      59.1MB

    • MD5

      9a5d647ee710af2b1aede329c40bbe1a

    • SHA1

      a70f856bda33d45ad0a8ad035f73092441715431

    • SHA256

      28886593e3b32f018241a4c0b745e564526dbb3295cb2635944e3a393f4278d4

    • SHA512

      e183b33f93fd5f9aa93a1ec02103d2548ca22e3447ef2ceede89a5debefc4f2c20990567eb17afa412e0698d577adda373e433847ec8b79ec04be3c86edd9f0e

    • SSDEEP

      1572864:7g7Xhx6o3bLRPlESTjTXKOz7QbB8Tn1EduqkJy/YPVUwk8/:sv6o3/zEyjTaj18Tn1JPoQ1x/

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      AcerDisplayWidget.msi

    • Size

      29.5MB

    • MD5

      d203f457661a5302f7314ba5803191bc

    • SHA1

      1813fa747fdc7fc798bb7bd45a2088ff5d310ec1

    • SHA256

      e708fe4b7a8d6a07bf5e670cfd64e0e6949b4a8752e013ca9693313b1c50e15f

    • SHA512

      ac64ec7b80f011fadb65418d491639e7c3c147857812993c336f893ad46e70fb8dedeea87d2d0605aa50295f58aae460d2dcb0f19e9283a7165bb47d1dba28a3

    • SSDEEP

      786432:OqousVZRHad2yswfP6e1oU7iE+Zc7aB5J6j0GxR:yZHw62oOIZc+6Fx

    Score
    6/10
    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      AcerDisplayWidget_Setup_v402.exe

    • Size

      2.4MB

    • MD5

      afe24df14339b0f48595819a92184550

    • SHA1

      aae435cdfce1c456c1bcccb9fc471a43a01ca432

    • SHA256

      52bd445d38590a3f986f20618f9b419eb06f38098d8aa0c929364c9a4ea22848

    • SHA512

      b405329a081fcefa025eae6c47faaaeef1c9aa8d78d8024c526b32d116e2f0d07c85c304781534200a8c365c115c8ebca3f3ec6c68812cb65774a8996fab37de

    • SSDEEP

      49152:/XTwCzbCMN9HmwFWHIAHerVBRN4PxP8kL/Ln03:/XrN9HPQIqsR

    Score
    7/10
    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
