Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

130608a012...9b.exe

windows7-x64

8

130608a012...9b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    130608a012b4f2a0530f03c514ee98970af2d8a5b59ce4df65131497f9a5a19b

  • Size

    508KB

  • Sample

    240223-xbj77sfh4x

  • MD5

    4f928378218475436eb1dd16f6c61e5f

  • SHA1

    69f1ddc875ed2b943da2fac852772e4f95f66e1c

  • SHA256

    130608a012b4f2a0530f03c514ee98970af2d8a5b59ce4df65131497f9a5a19b

  • SHA512

    e13debaa71a2ebb4abfd4d19c55f132609e85aa53421691c22198fcffb78ffcdd06c8d2e0ba694acc08f0899b006ead63377ef36b646defda45cf73e8a1e8593

  • SSDEEP

    12288:G7++0rrQQkFFP4oOJmqpwjy9oQNDbOpxozwzgA:G7q/kf0w9QofoSgA

Score
8/10
persistence

Malware Config

Targets

    • Target

      130608a012b4f2a0530f03c514ee98970af2d8a5b59ce4df65131497f9a5a19b

    • Size

      508KB

    • MD5

      4f928378218475436eb1dd16f6c61e5f

    • SHA1

      69f1ddc875ed2b943da2fac852772e4f95f66e1c

    • SHA256

      130608a012b4f2a0530f03c514ee98970af2d8a5b59ce4df65131497f9a5a19b

    • SHA512

      e13debaa71a2ebb4abfd4d19c55f132609e85aa53421691c22198fcffb78ffcdd06c8d2e0ba694acc08f0899b006ead63377ef36b646defda45cf73e8a1e8593

    • SSDEEP

      12288:G7++0rrQQkFFP4oOJmqpwjy9oQNDbOpxozwzgA:G7q/kf0w9QofoSgA

    Score
    8/10
    persistence

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks